General Description/Purpose:Perform regular review on SHL IT infrastructure to comply with SAMA
Essential Duties (Major responsibilities of this position):Perform cybersecurity reviews and identify gaps in security architecture, to develop cybersecurity risk management plans. Provide input to the risk management framework and related documentation. Employ secure configuration management processes. Identify and prioritize critical business functions in collaboration with organizational stakeholders. Provide advice on project costs, design concepts, or design changes. Advise on security requirements to be included in procurement documents. Analyze candidate architectures, allocate security services and select security mechanisms. Define system security context, concept of operations and baseline requirements in line with applicable cybersecurity policies. Write detailed functional specifications that document the architecture development process. Analyze user needs and requirements to plan architecture. Develop enterprise architecture or system components required to meet user needs. Document and update as necessary all definition and architecture activities. Determine security controls for information systems and networks and document appropriately. Assess and design cybersecurity management functions. Define appropriate availability levels for critical system functions and disaster recovery and continuity of operations requirements to deliver them. Define and prioritize essential system capabilities or business functions required for partial or full system restoration after a catastrophic failure event. Develop and integrate cybersecurity designs for systems and networks with multilevel security requirements. Document and address organization's security architecture, and systems security engineering requirements throughout the acquisition life cycle. Ensure that acquired or developed systems and architectures are consistent with organization's cybersecurity architecture guidelines. Work with agile team members to conduct fast prototyping, feasibility studies and evaluation of new technologies. Design systems and solutions to support successful proofs-of-concept and pilot projects in emerging technology areas. Read and interpret technical diagrams, specifications, drawings, blueprints and schematics relating to systems and networks. Determine and document security controls for systems and networks. Define and document the effect of implementation of a new system or new interfaces between systems on the security posture of the existing environment. Recommend cost-effective security controls to mitigate risks identified through testing and review. Systems Used:Not limited to the current tools as( Nessus Pro, Desktop Central, Kasper Sky, Microsoft Visio, Bold& James, Force Point, Fortinet) Minimum Requirements/Experience (What is required to perform the essential duties):5 years in technical information security. Certified in more than three security controls (network level, application level and system level) Network security design and implementation Security operations, incident response, or risk management Systems administration or software development (for foundational understanding) Education:Bachelor degree in computer sciences or equivalate.