Saudi , Riyadh

--

Gender Not Mentioned

Education Bachelor of Science(Computers)

Category Information Technology

Industry Logistics and Supply Chain

Job Description

Roles & Responsibilities

Responsibilities:

Ensure IT security practices comply with Saudi regulations.
Implement and maintain internal security policies, procedures, and standards.
Conduct security audits and compliance assessments for applications, infrastructure, and cloud services.
Collaborate with management to ensure adherence to corporate governance requirements.

Threat & Vulnerability Management

Monitor, detect, and respond to security threats across all IT systems.
Conduct vulnerability assessments and penetration testing.
Implement corrective measures and patch management to mitigate risks.
Maintain security incident logs and coordinate with relevant teams for incident resolution.

Application & Infrastructure Security

Secure all application and infrastructure layers, including web, backend, APIs, databases, and client applications.
Review code, architecture, and deployment processes to identify security risks.
Implement access control, authentication, encryption, and secure configurations.
Collaborate with DevOps and Infra teams to ensure secure deployment pipelines.

Monitoring & Incident Response

Set up monitoring, alerting, and logging for security events across applications and infrastructure.
Lead incident response efforts and post-incident analysis.
Develop disaster recovery and business continuity plans aligned with security requirements.

Knowledge Management & Training

Develop security guidelines, SOPs, and documentation.
Conduct training sessions and workshops to raise awareness among internal users and technical teams.
Promote a security-conscious culture across the organization.

Collaboration & Technical Delivery

Work closely with Infra, DevOps, and Development teams for secure architecture and operations.
Review and approve security measures for new tools, applications, and integrations.
Advise on security requirements for new projects, features, or customer integrations.

Job Relations:

Reports to: IT Infrastructure Lead / IT Manager
Internal Relations: DevOps Engineer, Infra Engineer, QA, Development Teams, IT Support

External Communications:

Communicate with regulators and auditors to ensure compliance and provide reports.
Liaise with external vendors for security assessments, penetration tests, and certifications.
Escalate critical security risks to IT leadership and management.

Desired Candidate Profile

Bachelor s degree in computer engineering, Computer Science, or related field

Certifications preferred: CISSP, CISM, CEH, ISO27001 Lead Implementer, or equivalent.
3+ years in IT security, preferably in enterprise or multi-location environments.
Experience with security governance, risk management, and compliance.
Hands-on experience with: Network and infrastructure security (firewalls, VPNs, IDS/IPS), Application security (web, backend, APIs, mobile), Security monitoring tools and SIEM, and Backup, DR, and disaster recovery planning
Knowledge of Saudi regulations and compliance frameworks.

Competencies:

Strong analytical and problem-solving skills.
Risk-aware mindset with attention to detail.
Ability to translate regulatory requirements into operational security measures.
Collaboration and influence across technical and non-technical teams.
Proactive, process-oriented, and able to enforce security policies.

Skills & Languages: