Lead Specialist - InfoSec Ops Management (Saudi National)

CPX

Saudi Arabia, Riyadh

12-15 Years

This job is no longer accepting applications

Posted 3 months ago

Job Description

Job Purpose

Lead Specialist InfoSec Ops Management plays a vital role in protecting information assets and maintaining a secure environment.

Organizational Security and Compliance: Lead Specialist leads the internal team and client engagements to ensure the security and compliance of the organizations information systems. Responsible for assessing risks, implementing security controls, and monitoring for vulnerabilities to safeguard sensitive data.

Cybersecurity Technology Management, Security Incident and Vulnerability Remediation Management: Lead Specialist plays a crucial role in managing the cybersecurity products for the internal and external clients, remediation of security incidents and security vulnerabilities in the client infrastructures. Responsible for collaborating with the stakeholders and teams to enhance security practices and maintain a robust security posture.

Job Responsibilities

Lead cybersecurity operations and client service delivery, mentoring junior staff and managing cross-functional collaboration.
Oversee daily InfoSec operations, ensuring effective security services across internal and client environments.
Act as a subject matter expert for cybersecurity and cloud security operations, advising technical and business teams.
Conduct vulnerability assessments, security testing, and compliance reviews for cloud and on-prem infrastructure.
Develop and maintain security baselines, hardening guidelines, and technical documentation.
Manage incident response, remediation, and forensic investigations, including post-incident reporting.
Monitor security logs and infrastructure to detect threats and anomalies.
Administer and optimize cybersecurity technologies (e.g., DAM, IAM, PAM, CASB, M365, Azure, GCP).
Support disaster recovery planning and operations for cybersecurity systems.
Ensure secure design and deployment of IT and cloud solutions, validating security requirements.
Provide assurance on secure configuration and operations across access, data, and application security.
Advise on cloud security architecture, compliance, and governance.
Implement and maintain security processes, standards, and guidelines.
Prepare regular client and infrastructure reports and conduct technical awareness sessions.
Support audits, compliance activities, and remediation efforts.
Stay updated on emerging threats and technologies, contributing to modernization roadmaps.
Present cloud solutions to stakeholders and lead technical workshops.
Evaluate RFP/RFI responses and develop cost-effective solutions.
Manage multiple tasks and projects, ensuring timely delivery and policy compliance.
Liaise with IT teams and vendors for incident resolution and change management.
Continuously upgrade cybersecurity knowledge and skills

Background

Strong expertise in on-prem and cloud cybersecurity technologies, including M365, Azure, and GCP.
Proficient in network security across public, private, and hybrid cloud environments.
Hands-on experience with tools like PAM, SIEM, IAM, UEBA, MDM, WAF, DLP, CASB, IRM, and endpoint security.
Skilled in data security technologies and platforms such as ForcePoint, Boldon James, and M365 Security Suite.
Experience in incident response, disaster recovery, and cyber resilience planning.
Deep understanding of cloud architecture, secure coding, and DevSecOps practices.
Familiar with compliance standards (ISO, NIST, SOC, SOX) and risk assessment methodologies.
Strong scripting skills (Bash, PowerShell, Python) and automation capabilities.
Proficient in Windows, Linux, and UNIX systems; Active Directory and ADFS administration.
Knowledgeable in secure SDLC, threat modeling, and vulnerability management.
Experienced with security tools like Nessus, Burp Suite, Wireshark, Metasploit, and Fortify.
Excellent documentation, reporting, and stakeholder communication skills.
Flexible to support shifts and after-hours operations as needed.

Job Specifications

Education

Bachelors in Computer Science, Computer Engineering, Information Technology, Information Systems or equivalent
Additional education in the field of Information Security / Cyber Security is a definite advantage

Minimum Work Experience

Overall 12 to 15 years of experience in Information Security and Cloud Management Services Domains. (concessions on years of work experience available based on relevant domain certifications, masters and doctorate degrees)

Skills/Certifications (Technical & Non-Technical)

Preferred Certifications/Training (Important)

Certified Cloud Security Professional (CCSP)
Certified Information Systems Security Professional (CISSP)
Certificate of Cloud Security Knowledge (CCSK)
CompTIA Net+ and CompTIA Sec+
Certified Information Security Manager (CISM)
Certified Incident Handler (ECIH)
Google Cloud Certified - Professional Cloud Security Engineer
Google Cloud Certified - Professional Cloud Architect
Tool Administration Certifications (PAM, IAM, DAM, CASB, DLP, Data Classification, IRM, Web Proxy, Email Security Gateway)
ITIL v3 Foundation or higher
Microsoft Azure Security Engineer
Microsoft Azure Solutions Architect Expert
Microsoft Certifications (SC-200, SC-400, AZ-500 or alike)
Certified Kubernetes Security Specialist (CKS)

Preferred Certifications/Training (Good To Have)