20 Vulnerability Assessments jobs in Riyadh

Join to apply for the Cyber Security Analyst role at Dkhoon Emirates

Join to apply for the Cyber Security Analyst role at Dkhoon Emirates

Get AI-powered advice on this job and more exclusive features.

We are looking for a proactive and skilled Cyber Security Analyst to join our in-house IT team. The ideal candidate will be responsible for strengthening our organisation’s security posture, ensuring systems are secure, compliant, and resilient against evolving threats.

Key Responsibilities:

Conduct network vulnerability assessments and penetration testing (VAPT) to identify and mitigate security risks.

Perform firewall configuration reviews and internal network assessments to maintain a strong security infrastructure.

Deliver web and mobile application security assessments, ensuring alignment with OWASP Top 10 standards.

Support implementation of data protection and privacy frameworks, including Personal Data Protection Act (PDPA) or similar regulations relevant to our operations.

Prepare and present technical reports and executive summaries, outlining security observations, risk analysis, and actionable remediation plans.

Collaborate with IT and compliance teams to ensure alignment with CIS Controls, ISO 27001, and GDPR basics.

Manage and monitor endpoint protection, IDS/IPS systems, and SIEM tools to proactively detect and respond to threats.

Assist in incident response procedures, root cause analysis, and implementing preventive measures.

Automate routine security tasks using PowerShell, Bash, or Python scripting to improve efficiency.

Required Skills & Expertise:

️ Firewall & VPN configuration: FortiGate, Cisco ASA, Palo Alto

️ Penetration testing tools: Nmap, Metasploit, Burp Suite, Nessus, Wireshark

️ Identity and Access Management (IAM)

️ Incident Response procedures and frameworks

️ Good scripting knowledge in PowerShell, Bash, and Python for automation and security analysis

️ Strong understanding of cloud security fundamentals and compliance frameworks (e.g. PDPA, ISO 27001, GDPR basics)

Qualifications:

Bachelor’s Degree in IT or Cyber Security (or equivalent work experience)

Relevant certifications such as CompTIA Security+, CEH, eJPT, or INE Certified Cloud Associate are preferred.

Who You Are:

Analytical with strong problem-solving abilities

Excellent communicator with skills to collaborate across IT, compliance, and management teams

Passionate about cyber security best practices and continuous learning

Able to work independently to proactively identify and address security issues within the organization

• Seniority level Entry level

• Employment type Full-time

• Job function Information Technology
• Industries Retail

Referrals increase your chances of interviewing at Dkhoon Emirates by 2x

Get notified about new Cyber Security Analyst jobs in Riyadh, Riyadh, Saudi Arabia .

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

The Cyber Analyst performs real-time event and incident management processes within the SOC, including internal security incident evaluation and response, following established guidelines and policies.

1. Monitor and analyze logs in real-time using leading SIEM technology.
2. Identify security incidents and conduct first-level investigations.
3. Escalate incidents to Level 2 Analysts for further response.

• Bachelor's degree in Computer Science or a related field.
• Master's degree in Information Security is preferred.
• Ability to work on a flexible, rotational 24x7x365 schedule.
• Strong adherence to processes, procedures, and task prioritization.
• Knowledge of attack techniques and current threat landscape is desirable.
• Understanding of TCP/IP, Linux, Windows infrastructures, and basic network security concepts.
• Excellent communication skills in English.
• Analytical and troubleshooting skills for quick resolution.
• Prior experience with SIEM/Log Analysis is a plus but not required.

Our Culture:

At Hulool Zaintech for Information Technology we are proud of our culture and how it drives everything we do. We are looking for individuals who share our values and want to be part of a unique and engaging culture that revolves around collaboration and innovation. If you are looking for a role where you can drive engagement and excellence across teams through commitment and collaboration, and are someone who is customer-centric and appreciates an organization with uncompromised integrity that focuses on employee engagement then read on to learn more about how you can become part of the Hulool Zaintech family.

Our Code of Conduct

At Hulool Zaintech for Information Technology we strictly adhere to our code of conduct, which is there to serve as a moral compass, offering a framework for responsible behaviours and enabling ethical choices that cultivate positive relationships and a better future. It also outlines policies, standards, and procedures for our global operations, promoting integrity and ethical excellence across the countries we engage with.

Every year, all employees are required to review, comprehend, confirm, and adhere to the code of conduct. Additionally, all newly hired employees are subject to the same as part of their onboarding process.

Duties and Responsibilities:

· Provide 24x7 monitoring (shift based), analysis and alerting of IT Security events and incidents.

• Analyze security events to verify incidents and their potential impact and risk to the clients.

• Create tickets for incident alerts and prioritize, correlate, and analyze events and incidents.

• Prepare and share incident analysis form to initiate response to validated events by engaging the required teams or resources to address the security incidents

• Analyze recurring incidents and performance of existing systems, processes, people and ensure corrective actions are taken.

• Proactive monitoring and respond to known and emerging threats against the network.

• Whitelist and fine-tuning content (use-cases) on SIEM solution.

• Threat hunting by identifying and hunting for emerging threat activities across all internal and external sources

• Perform complex data analysis in support of security event management.

• Conducting detailed & comprehensive investigation and triage on wide variety of security events and implement cleanup and remediation processes.

• Participation on Incident Response that includes root cause and lessons learned.

• Participation in the development of new logic and analytical capabilities.

· 3+ years’ experience in SOC operation or with common security operations systems, Intrusion Detection Systems (IDS/IPS), Security Incident Event Management systems (SIEM), anti-virus log collection systems, etc.

· Excellent security data analytical and problem-solving skills.

· Good knowledge and expertise of using SIEMSOAR technologies for event investigation

· Demonstrated experience with a wide variety of security logs to detect and resolve security issues.

· Demonstrated success as a member of a highly collaborative team.

· Excellent written and oral communication skills

· Good understanding of the incident response process

Our Culture:

At Hulool Zaintech for Information Technology, we are proud of our culture and how it drives everything we do. We seek individuals who share our values and want to be part of a unique, engaging culture centered around collaboration and innovation. If you are looking for a role where you can enhance engagement and excellence across teams through commitment and collaboration, and are customer-centric with a focus on integrity and employee engagement, then read on to learn how you can join the Hulool Zaintech family.

Our Code of Conduct:

We strictly adhere to our code of conduct, which serves as a moral compass, providing a framework for responsible behavior and ethical decision-making. It outlines policies, standards, and procedures for our global operations, promoting integrity and ethical excellence across all countries we operate in. All employees review, understand, and adhere to this code annually, including new hires during onboarding.

Duties and Responsibilities:

1. Manage, configure, test, and integrate the SIEM system, focusing on content development such as reports, dashboards, real-time rules, filters, and channels.
2. Develop and deploy new content (use-cases) on SIEM solutions based on business or threat requirements, with the engineering team's support.
3. Conduct breach and investigative analysis to trace activities related to advanced threats.
4. Investigate and escalate complex or high-severity security threats or incidents.
5. Serve as an escalation resource and mentor for other analysts.
6. Collaborate with SIEM engineering and security partners to develop and refine correlation rules.
7. Maintain expertise in advanced persistent threats, forensics, and incident response practices.
8. Perform threat hunting to identify emerging threat activities across internal and external sources.
9. Coordinate evidence gathering, documentation, and review security incident reports.
10. Assist in defining and driving strategic security initiatives.
11. Create and develop SOC processes and procedures in collaboration with Level 1 and Level 2 analysts.
12. Recommend improvements to security policies, procedures, and architecture based on operational insights.
13. Develop operational and executive reports.
14. Analyze security events to verify incidents, assessing their impact and risk to clients.
15. Prepare incident analysis reports and coordinate responses with relevant teams.
16. Support log integration activities and reduce false positives.
17. Assist during incident containment, investigation, eradication, and recovery phases.
18. Provide data support for SOC reports and metrics.
19. Monitor for false positives and work with engineering to address them.
20. Analyze recurring incidents and system performance, implementing corrective actions.
21. Document and update playbooks and procedures.

Minimum Requirements:

• 5+ years of experience in SOC operations, monitoring, and event analysis.
• Expertise in security monitoring and analysis platforms and related technologies.
• Excellent analytical and problem-solving skills.
• Advanced knowledge of SIEM/ SOAR technologies for event investigation.
• Strong understanding of incident handling and response techniques.
• Extensive experience in incident response, handling, and security operations.

Our Culture:

At Hulool Zaintech for Information Technology, we are proud of our culture and how it drives everything we do. We seek individuals who share our values and want to be part of a unique, engaging culture centered around collaboration and innovation. If you are looking for a role where you can enhance engagement and excellence across teams through commitment and collaboration, and are customer-centric with a focus on integrity and employee engagement, then read on to learn how you can join the Hulool Zaintech family.

Our Code of Conduct:

We strictly adhere to our code of conduct, which serves as a moral compass, providing a framework for responsible behavior and ethical decision-making. It outlines policies, standards, and procedures for our global operations, promoting integrity and ethical excellence across all countries we operate in. All employees review, understand, and adhere to this code annually, including new hires during onboarding.

Duties and Responsibilities:

1. Manage, configure, test, and integrate the SIEM system, focusing on content development such as reports, dashboards, real-time rules, filters, and channels.
2. Develop and deploy new content (use-cases) on SIEM solutions based on business or threat requirements, with the engineering team's support.
3. Conduct breach and investigative analysis to trace activities related to advanced threats.
4. Investigate and escalate complex or high-severity security threats or incidents.
5. Serve as an escalation resource and mentor for other analysts.
6. Collaborate with SIEM engineering and security partners to develop and refine correlation rules.
7. Maintain expertise in advanced persistent threats, forensics, and incident response practices.
8. Perform threat hunting to identify emerging threat activities across internal and external sources.
9. Coordinate evidence gathering, documentation, and review security incident reports.
10. Assist in defining and driving strategic security initiatives.
11. Create and develop SOC processes and procedures in collaboration with Level 1 and Level 2 analysts.
12. Recommend improvements to security policies, procedures, and architecture based on operational insights.
13. Develop operational and executive reports.
14. Analyze security events to verify incidents, assessing their impact and risk to clients.
15. Prepare incident analysis reports and coordinate responses with relevant teams.
16. Support log integration activities and reduce false positives.
17. Assist during incident containment, investigation, eradication, and recovery phases.
18. Provide data support for SOC reports and metrics.
19. Monitor for false positives and work with engineering to address them.
20. Analyze recurring incidents and system performance, implementing corrective actions.
21. Document and update playbooks and procedures.

Minimum Requirements:

• 5+ years of experience in SOC operations, monitoring, and event analysis.
• Expertise in security monitoring and analysis platforms and related technologies.
• Excellent analytical and problem-solving skills.
• Advanced knowledge of SIEM/ SOAR technologies for event investigation.
• Strong understanding of incident handling and response techniques.
• Extensive experience in incident response, handling, and security operations.

The Risk Management Analyst role at Tabby | تابي focuses on supporting the Risk Manager in developing, implementing, and maintaining effective risk management strategies to protect the organization from threats and vulnerabilities. This role requires a detail-oriented, analytical thinker who can conduct risk assessments, assist in compliance monitoring, and support business continuity planning. The analyst will collaborate with various departments to gather risk-related information, provide insights for decision-making, and ensure alignment with regulatory requirements and organizational goals. The ideal candidate will have experience in risk management processes, data analysis, and reporting, contributing to the continuous improvement of the organization's risk management practices.

Department: Risk Management

Employment Type: Full Time

Location: KSA

Reporting To: Ahmed Almughriyah

• Assist in Risk Management Processes


• Support the Risk Manager in identifying, assessing, and mitigating risks across the organization.


• Assist in the development and implementation of risk management strategies and frameworks.


• Conduct Risk Assessments


• Perform risk assessments to evaluate potential risks and vulnerabilities.


• Assist in developing risk mitigation plans and strategies.


• Compliance Monitoring


• Ensure compliance with relevant regulations and industry standards.


• Assist in preparing compliance reports and maintaining documentation for audits.


• Data Analysis and Reporting


• Analyze risk data and generate reports to support decision-making processes.


• Monitor key risk indicators and prepare regular reports for senior management.


• Support Business Continuity Planning


• Assist in the development and maintenance of Business Continuity Plans (BCPs) and Disaster Recovery Plans (DRPs).


• Participate in BCP and DRP testing and updates.


• Collaboration and Communication


• Collaborate with various departments to gather risk-related information and ensure alignment on risk management objectives.


• Communicate risk findings and recommendations to relevant stakeholders.


• Continuous Improvement


• Contribute to the continuous improvement of risk management processes and practices.


• Stay updated on emerging risks and industry trends to provide timely insights.

• At least 3 years of experience in risk management or a related field.


• Experience in conducting risk assessments and developing risk mitigation strategies.

• Strong analytical skills with the ability to interpret complex data.


• Excellent communication and interpersonal skills.


• Proficiency in risk management tools and software.


• Ability to work collaboratively in a team-oriented environment.


• Detail-oriented with strong organizational skills.

• Familiarity with risk management frameworks such as ISO 31000 or COSO ERM.


• Understanding of compliance requirements and industry regulations.

Seniority level: Mid-Senior level

Employment type: Full-time

Job function: Finance and Sales

Our Client, a leading International Consultancy specialising in engineering and project management for the building industry, has recently been awarded one of the largest Healthcare projects in Saudi Arabia.

The project is scheduled to last 3 years and will include several mid-rise Hospitals, Residential facilities, Commercial Facilities, Mosques, and Sports Facilities.

They are currently looking for a Risk Management Specialist to join their team at the Headquarters in Riyadh, working on the project. Middle East experience is essential for this role. Previous Healthcare project experience will be an advantage.

The client offers a competitive salary along with strong benefits.

If interested, please send your CV quoting reference J1475.

The ideal candidate will have 15 years of experience and hold a Degree in Engineering from an internationally recognized university. Extensive experience in project management, risk measurement, evaluation, and strategy development is required.

Experience working for Consultancies, Project Management Companies, and Design & Build Companies is essential.

AY CONSULTANTS LTD is a reputable, independent consultancy specialising in placing permanent and contract technical staff for the built environment. With a history of successful assignments and a commitment to customer satisfaction, much of our work is repeat business.

Our consultants and directors have industry experience, enabling them to develop empathy with clients and candidates alike.

We leverage our specialist experience to provide a personal and informed service across the full industry spectrum at all recruitment levels.