27 Security Lead jobs in Egypt
SAP Security Lead
Posted today
Job Description
We are seeking an experienced SAP Security Lead to drive the design, implementation, and governance of SAP security and access management within a major SAP transformation program. This role will focus on ensuring secure, compliant, and efficient user access across SAP S/4HANA, HCM, and SCM modules.
Key Responsibilities:
- Lead the SAP security design, role concept, and authorization strategy, ensuring compliance with corporate policies and regulatory requirements.
- Define and enforce Segregation of Duties (SoD), user provisioning, and access review processes.
- Collaborate with business, functional, and technical teams to translate business needs into secure SAP access solutions.
- Oversee role creation, maintenance, and transport, ensuring alignment with project timelines and governance standards.
- Conduct security testing, vulnerability assessments, and remediation of issues in SAP environments.
- Maintain security documentation, audit trails, and compliance reports for internal and external audits.
- Provide guidance and mentorship to the SAP security team on best practices, risk mitigation, and troubleshooting.
- Participate actively in workshops, governance meetings, and cutover activities to ensure secure and seamless go-live.
Requirements:
- Proven experience in SAP security design and access management across SAP S/4HANA, HCM, and SCM modules.
- Expertise in Segregation of Duties (SoD), user provisioning, and access review processes.
- Strong knowledge of SAP role creation, maintenance, and transport processes.
- Hands-on experience with security testing, vulnerability assessments, and remediation in SAP environments.
- Familiarity with corporate policies, regulatory requirements, and audit compliance standards.
- Excellent leadership and mentoring skills to guide the SAP security team.
- Strong collaboration and communication skills to work with business, functional, and technical teams.
- Bachelor's degree in a relevant field (e.g., Computer Science, Information Technology, Engineering); certifications in SAP Security or SAP Governance, Risk, and Compliance (GRC) are a plus.
Cyber Security Lead Engineer
Posted today
Job Description
Seeking a highly experienced Security Lead Engineer to lead the design, implementation, and continuous improvement of cybersecurity measures across our hybrid environment. This role requires overseeing infrastructure, application, and cloud security; managing threat detection and response systems; guiding the security posture of internally developed software; and ensuring regulatory compliance through GRC frameworks. The ideal candidate brings technical depth, leadership capabilities, and a proactive mindset to protect our digital assets and business operations.
Responsibilities:
Security Architecture & Strategy
- Design, integrate, and maintain end-to-end security architecture for on-premises and cloud environments.
- Ensure secure network topology including segmentation, access control, and VPN tunnels.
- Lead development and enforcement of security policies, procedures, and best practices.
- Work closely with developers and IT architects to embed security into application and infrastructure design.
SOC, SIEM, and Threat Management
- Oversee the operation and tuning of the Security Operations Center (SOC), including SIEM platforms.
- Manage endpoint protection through EDR and threat-hunting solutions.
- Manage and enhance email security systems to protect against phishing, malware, and spam, ensuring compliance with organizational security policies.
- Lead incident response efforts and develop threat prevention strategies.
Application and Cloud Security
- Supervise vulnerability scanning and penetration testing for internally developed applications.
- Lead WAF deployment and optimization to protect business-critical web applications.
- Implement security best practices and policy enforcement across multi-cloud environments.
Governance, Risk & Compliance (GRC)
- Drive cybersecurity-related compliance programs (e.g., SOC 2 Type 2, ISO
- Lead cross-functional GRC initiatives and support internal/external audits.
- Manage security risk assessments and recommend mitigation strategies.
Documentation & Collaboration
- Maintain detailed documentation for security controls, policies, systems, and incidents.
- Plan and conduct quarterly security awareness sessions to educate staff on emerging cyber threats, security best practices, and the organization's security policies.
- Work collaboratively with software engineers, network teams, DevOps, and business units.
Requirements
Min requirements:
1. Education: Bachelor's degree in Engineering, Computer Science, Information Security or a related field.
2. Experience:
- years in cybersecurity and information security roles.
- years of hands-on experience in security architecture and threat management.
3. Qualifications necessary for the vacancy:
- Proven expertise in:
  - Security architecture for hybrid cloud/on-prem setups.
  - Firewalls, WAF, EDR, SIEM, UTM, IPS, Proxy, and DDoS mitigation.
  - Network security protocols, subnetting, VPNs, and access control models.
4. Set of skills necessary for the vacancy:
- Problem-Solving and Analytical Skills:
  - Ability to diagnose and resolve complex technical issues efficiently.
  - Skilled in designing and implementing scalable and secure IT solutions.
- Organizational Skills:
  - Strong ability to manage multiple projects and prioritize tasks effectively.
  - Commitment to meeting deadlines and maintaining high-quality standards.
- Communication and Teamwork:
  - Excellent written and verbal communication skills.
  - Ability to collaborate effectively with team members and stakeholders.
5. Certifications (Desirable):
- CISSP, CISM, CEH, OSCP, CCSP
- Cloud security certifications (e.g., AWS Security Specialty, Microsoft SC-100/SC-200)
- IT governance certifications (e.g., ISO 27001 LA, CISA)
Cyber Security Lead Engineer
Posted today
Job Description
Objective:
Seeking a highly experienced Security Lead Engineer to lead the design, implementation, and continuous improvement of cybersecurity measures across our hybrid environment. This role requires overseeing infrastructure, application, and cloud security; managing threat detection and response systems; guiding the security posture of internally developed software; and ensuring regulatory compliance through GRC frameworks. The ideal candidate brings technical depth, leadership capabilities, and a proactive mindset to protect our digital assets and business operations.
Responsibilities:
1. Security Architecture & Strategy
- Design, integrate, and maintain end-to-end security architecture for on-premises and cloud environments.
- Ensure secure network topology including segmentation, access control, and VPN tunnels.
- Lead development and enforcement of security policies, procedures, and best practices.
- Work closely with developers and IT architects to embed security into application and infrastructure design.
2. SOC, SIEM, and Threat Management
- Oversee the operation and tuning of Security Operations Center (SOC) including SIEM platforms.
- Manage endpoint protection through EDR and threat-hunting solutions.
- Manage and enhance email security systems to protect against phishing, malware, and spam, ensuring compliance with organizational security policies.
- Lead incident response efforts and develop threat prevention strategies.
3. Application and Cloud Security
- Supervise vulnerability scanning and penetration testing for internally developed applications.
- Lead WAF deployment and optimization to protect business-critical web applications.
- Implement security best practices and policy enforcement across multi-cloud environments
4. Governance, Risk & Compliance (GRC)
- Drive cybersecurity-related compliance programs (e.g., SOC 2 Type 2, ISO
- Lead cross-functional GRC initiatives and support internal/external audits.
- Manage security risk assessments and recommend mitigation strategies.
5. Documentation & Collaboration
- Maintain detailed documentation for security controls, policies, systems, and incidents.
- Plan and conduct quarterly security awareness sessions to educate staff on emerging cyber threats, security best practices, and the organization's security policies.
- Work collaboratively with software engineers, network teams, DevOps, and business units.
Requirements
Min requirements:
1. Education: Bachelor's degree in Engineering, Computer Science, Information Security or a related field.
2. Experience:
- 7 years in cybersecurity and information security roles.
- 5+ years of hands-on experience in security architecture and threat management.
3. Qualifications necessary for the vacancy:
- Proven expertise in:
  - Security architecture for hybrid cloud/on-prem setups.
  - Firewalls, WAF, EDR, SIEM, UTM, IPS, Proxy, and DDoS mitigation.
  - Network security protocols, subnetting, VPNs, and access control models.
4. Set of skills necessary for the vacancy:
- Problem-Solving and Analytical Skills:
  - Ability to diagnose and resolve complex technical issues efficiently.
  - Skilled in designing and implementing scalable and secure IT solutions.
- Organizational Skills:
  - Strong ability to manage multiple projects and prioritize tasks effectively.
  - Commitment to meeting deadlines and maintaining high-quality standards.
- Communication and Teamwork:
  - Excellent written and verbal communication skills.
  - Ability to collaborate effectively with team members and stakeholders.
5. Certifications (Desirable):
- CISSP, CISM, CEH, OSCP, CCSP
- Cloud security certifications (e.g., AWS Security Specialty, Microsoft SC-100/SC-200)
- IT governance certifications (e.g., ISO 27001 LA, CISA)
Cyber Security Lead Engineer
Posted today
Job Description
Objective:
Seeking a highly experienced Security Lead Engineer to lead the design, implementation, and continuous improvement of cybersecurity measures across our hybrid environment. This role requires overseeing infrastructure, application, and cloud security; managing threat detection and response systems; guiding the security posture of internally developed software; and ensuring regulatory compliance through GRC frameworks. The ideal candidate brings technical depth, leadership capabilities, and a proactive mindset to protect our digital assets and business operations.
Responsibilities:
1. Security Architecture & Strategy
- Design, integrate, and maintain end-to-end security architecture for on-premises and cloud environments.
- Ensure secure network topology including segmentation, access control, and VPN tunnels.
- Lead development and enforcement of security policies, procedures, and best practices.
- Work closely with developers and IT architects to embed security into application and infrastructure design.
2. SOC, SIEM, and Threat Management
- Oversee the operation and tuning of Security Operations Center (SOC) including SIEM platforms.
- Manage endpoint protection through EDR and threat-hunting solutions.
- Manage and enhance email security systems to protect against phishing, malware, and spam, ensuring compliance with organizational security policies.
- Lead incident response efforts and develop threat prevention strategies.
3. Application and Cloud Security
- Supervise vulnerability scanning and penetration testing for internally developed applications.
- Lead WAF deployment and optimization to protect business-critical web applications.
- Implement security best practices and policy enforcement across multi-cloud environments
4. Governance, Risk & Compliance (GRC)
- Drive cybersecurity-related compliance programs (e.g., SOC 2 Type 2, ISO
- Lead cross-functional GRC initiatives and support internal/external audits.
- Manage security risk assessments and recommend mitigation strategies.
5. Documentation & Collaboration
- Maintain detailed documentation for security controls, policies, systems, and incidents.
- Plan and conduct quarterly security awareness sessions to educate staff on emerging cyber threats, security best practices, and the organization's security policies.
- Work collaboratively with software engineers, network teams, DevOps, and business units.
Min requirements:
1. Education: Bachelor's degree in Engineering, Computer Science, Information Security or a related field.
2. Experience:
- years in cybersecurity and information security roles.
- years of hands-on experience in security architecture and threat management.
3. Qualifications necessary for the vacancy:
- Proven expertise in:
  - Security architecture for hybrid cloud/on-prem setups.
  - Firewalls, WAF, EDR, SIEM, UTM, IPS, Proxy, and DDoS mitigation.
  - Network security protocols, subnetting, VPNs, and access control models.
4. Set of skills necessary for the vacancy:
- Problem-Solving and Analytical Skills:
  - Ability to diagnose and resolve complex technical issues efficiently.
  - Skilled in designing and implementing scalable and secure IT solutions.
- Organizational Skills:
  - Strong ability to manage multiple projects and prioritize tasks effectively.
  - Commitment to meeting deadlines and maintaining high-quality standards.
- Communication and Teamwork:
  - Excellent written and verbal communication skills.
  - Ability to collaborate effectively with team members and stakeholders.
5. Certifications (Desirable):
- CISSP, CISM, CEH, OSCP, CCSP
- Cloud security certifications (e.g., AWS Security Specialty, Microsoft SC-100/SC-200)
- IT governance certifications (e.g., ISO 27001 LA, CISA)
Endpoint & Device Security Lead
Posted today
Job Description
Overview
We are seeking an experienced Endpoint & Device Security Lead to secure, manage, and optimize our endpoint and mobile device infrastructure. The ideal candidate will take ownership of Endpoint Central (ManageEngine), SentinelOne, Trend Micro, XDR platforms, and Mobile Device Management (MDM), ensuring that all endpoints and devices are patched, monitored, and protected against evolving threats. This role also includes remote agent deployment via our Azure tenant and full IT asset lifecycle management, making it central to our cybersecurity and compliance posture.
Key Responsibilities
Endpoint & Mobile Security
• Lead administration of Endpoint Central (ManageEngine) for endpoint deployment, patching, compliance, and asset inventory.
• Manage and optimize SentinelOne, Trend Micro, and XDR platforms to provide real-time protection, advanced detection, and response.
• Implement and oversee MDM solutions (Intune or Endpoint Central MDM) to secure and manage mobile devices (iOS, Android).
• Deploy and manage agents remotely using Azure tenant integration for both on-premises and remote devices.
• Define and enforce endpoint and mobile security policies to defend against malware, ransomware, phishing, and advanced persistent threats.
Patch & Threat Management
• Design and implement patch management strategies across operating systems and applications.
• Continuously monitor for endpoint and mobile vulnerabilities, security incidents, and anomalies.
• Use XDR platforms for advanced detection, correlation, and response to endpoint threats.
• Generate executive and technical reports on patch compliance, endpoint health, and threat response.
Asset Management
• Maintain a complete, accurate IT asset inventory (hardware, software, licenses, and mobile devices).
• Track and manage the full asset lifecycle (procurement, deployment, support, retirement).
• Ensure compliance with licensing, governance, and audit requirements.
Leadership & Operations
• Provide 2nd/3rd level support for endpoint, MDM, and security escalations.
• Lead endpoint security initiatives in collaboration with IT and InfoSec teams.
• Play an active role in incident response, threat containment, and remediation.
• Continuously improve endpoint & device security through automation, process optimization, and best practices.
Required Skills & Qualifications
• Strong hands-on experience with Endpoint Central (ManageEngine).
• Proven expertise in SentinelOne, Trend Micro, and XDR platforms.
• Experience with Mobile Device Management (MDM) (Microsoft Intune, Endpoint Central MDM, or equivalent).
• Skilled in remote agent deployment and management via Azure tenant.
• In-depth knowledge of endpoint and mobile security, patching, and compliance frameworks.
• Experience across Windows, macOS, Linux, Android, and iOS environments.
• Excellent troubleshooting, communication, documentation, and reporting skills.
Preferred
• Security certifications such as CompTIA Security+, Microsoft Security Operations Analyst, SentinelOne Certified Specialist, Trend Micro Certified Professional, MDM certifications.
• Experience integrating endpoint and XDR solutions with SIEM platforms.
• Knowledge of Zero Trust frameworks and endpoint hardening best practices.
Network Security Team Lead
Posted today
Job Description
Job Purpose:
We are looking for a skilled Network Security Team Leader with solid experience in designing, implementing, and operating advanced security solutions. The ideal candidate will bring hands-on expertise across a wide range of security technologies, applying a layered security approach to safeguard enterprise infrastructure and ensure secure, reliable access. This role requires technical depth or conceptual understanding in multiple security domains, including firewalls, VPNs, multi-factor authentication (MFA), network access control (NAC), distributed denial-of-service (DDoS) mitigation, sandboxing, secure email gateways, application delivery and traffic management, and web application firewalls (WAF). The candidate will play a key role in strengthening the organization's overall security posture by integrating these layers into a cohesive defense strategy.
Key Responsibilities
- Participate in designing and planning new cloud network security technologies, and implement them to meet current and future customer needs.
- Configure and manage network security technologies for the organization's cloud services as well as external customers' on-premises data centers.
- Configure network security monitoring tools to continuously monitor the performance, availability and reliability of network security devices, and generate regular reports.
- Optimize network security device configurations to improve the efficiency and performance of the network security cloud services.
- Study the new features of network security device releases and plan regular upgrades to provide the latest versions announced by the vendors.
- Troubleshoot and resolve network security-related problems, and conduct root cause analysis for them.
- Maintain accurate documentation of network security cloud solution configurations, diagrams, and procedures.
- Work as the tier 2 support team for handling technical escalations and more advanced inquiries escalated from the network operations team.
- Stay informed about industry best practices, emerging technologies, and network security trends to provide recommendations on the existing network security solutions.
- Perform proper handover and guidance to the operations teams to operate newly implemented network security technologies.
- Collaborate with the organization's SOC team to provide proper monitoring of unusual activity and security threats.
- Collaborate with the organization's information security team to respond to regular security audits and vulnerability assessments.
- Respond to security incidents and coordinate incident response efforts.
- Stay up-to-date with emerging security threats and technologies.
Technical Experience (Hands-on):
- NGFW (Cisco, FortiGate, Palo Alto)
- Secure Web Gateway (Symantec Bluecoat)
- VPN Technologies (DMVPN, Site-to-Site, Remote Access)
- ADC/WAF (F5, Citrix)
- Network Admission Control (Cisco ISE)
Technical Knowledge (Add-on):
- Routers and Switches Security
- Secure Access Gateways (Citrix)
- MFA Technologies (DUO, Entrust)
- DDoS (Arbor)
- Email Security and Sandboxing (Fortinet)
- F5 NGINX
- VMware Security Products
Qualifications:
- Bachelor's degree in Communication / Computer Engineering or a related field.
- Minimum 5-7 years of professional experience in network security, with demonstrated success in large-scale deployments and secure service delivery.
- Deep technical experience in core areas such as Firewalls, VPN, LTM & WAF, and Secure Web Gateway, combined with a conceptual understanding of complementary layers like routers and switches security, MFA technologies, DDoS, email security and sandboxing, NGINX, and VMware security products.
- Previous experience with Cloud Providers is a strong plus.
Information Security Senior Lead
Posted today
Job Description
Join Us
At Vodafone, we're not just shaping the future of connectivity for our customers – we're shaping the future for everyone who joins our team. When you work with us, you're part of a global mission to connect people, solve complex challenges, and create a sustainable and more inclusive world. If you want to grow your career whilst finding the perfect balance between work and life, Vodafone offers the opportunities to help you belong and make a real impact.
Role Purpose
- Acts as the primary point of contact in designing/enforcing information security controls for Vodafone Egypt in accordance with the ISO 27001 mandates and Vodafone Group's standards
- Designs and implements information security program that effectively and efficiently protects the company's data assets and facilitates our implementation of corporate strategy in a secure manner
Key Accountabilities & Decision Ownership
- Develop and oversee the implementation of information security policies, procedures, and best practices to protect the organization's assets.
Business Ownership of Information Security Controls
- Monitoring users' activities: that would serve in the mitigation of any information security risks and would safeguard Vodafone's reputation and integrity
- Document and own Vodafone's security policies and procedures to ensure that robust security controls and guidelines are communicated to all Vodafone and VIS employees to reduce risks, violations and financial losses
Incidents Investigations
- Report on VF-EG's suspicious user's behaviour by setting different security baseline & benchmark criteria across VF-EG systems
- Provide forensics to the Corporate Security Internal Investigations team in order to assist in investigating violations
Risk Management
- Identify, assess, and manage security risks and vulnerabilities for new projects through security committee & for existing systems
Core Competencies, Knowledge, And Experience
- Experience in forensic investigations with significant experience in examining IT systems and presentation in civil/criminal justice systems including concise written reports
- Thorough understanding of current telecoms technologies
- Excellent interviewing and fact-finding skills as a requisite for conducting internal interrogations
- Excellent analytical skills and ability to provide rapid and concise summaries and resolutions to complex scenarios and problems
- Ability to motivate and develop a team of individuals to gain maximum performance
Must have technical / professional qualifications:
- BSc in Computer Engineering or related IT discipline
- At least 4 years of experience in a Control function (Egypt)
- One or more of information security certificate CISA, CISM
Who We Are
We are a leading international Telco, serving millions of customers. At Vodafone, we believe that connectivity is a force for good. If we use it for the things that really matter, it can improve people's lives and the world around us. Through our technology we empower people, connecting everyone regardless of who they are or where they live and we protect the planet, whilst helping our customers do the same.
Belonging at Vodafone isn't a concept; it's lived, breathed, and cultivated through everything we do. You'll be part of a global and diverse community, with many different minds, abilities, backgrounds and cultures. We're committed to increase diversity, ensure equal representation, and make Vodafone a place everyone feels safe, valued and included.
If you require any reasonable adjustments or have an accessibility request as part of your recruitment journey, for example, extended time or breaks in between online assessments, please refer to for guidance.
Together we can.
Cloud Security Senior Lead
Posted today
Job Description
Job Purpose:
- Responsible for all aspects of Azure security, including implementing security controls based on the fundamentals of Azure Security Benchmark, threat protection, identity, and access management, defining Azure cloud infrastructure and Azure Policies. Also, will use Azure technologies to provide data protection, network security defenses, while also
Job Responsibilities
- Analyze software security requirements and define solution standards and specifications for the Azure Cloud.
- Monitor cloud infrastructure and proactively mitigate potential incidents before service degradation occurs.
- Secure Azure Cloud infrastructure, including but not limited to data platform management, automated deployment, service configuration, virtual networks, storage accounts, Azure App Service, virtual machines, Azure Active Directory, Azure AD Connect, load balancing, network security, and Azure Backup.
- Implement balanced security solutions to ensure the cloud platform architecture and technology are programmed and configured to deliver security and privacy.
- Implement security processes to produce security-centric PaaS deliverables, enabling DevOps, product engineering, infrastructure, and operations to create secure products without unreasonable restrictions.
- Develop an Azure Cloud security roadmap in collaboration with other technology leaders to help implement security controls that support the company's cloud vision.
- Maintain and improve the security posture of the Azure platform, identifying and remediating vulnerabilities using a variety of security tools.
- Define risk and mitigation plans related to security, legal, data, compliance, and regulatory requirements.
- Implement, configure, and maintain security controls and policies, and monitor threats to ensure the protection of applications, containers, infrastructure, and networks.
- Automate security controls, data, and processes to provide better metrics and operational support using security as code.
- Configure and maintain access within cloud solution environments using the principle of least privilege.
- Configure and maintain network security within the cloud using a hybrid context with traditional network-centric controls.
- Create, maintain, and manage Azure policies to enforce security controls.
Job Qualifications
- Bachelor's degree in Engineering or Information Systems.
- 3–5 years of relevant experience.
- Strong understanding of cloud computing models: IaaS, PaaS, and SaaS.
- Preferred to be certified in CCSP & CISSP.
- Familiarity with major cloud providers (AWS, Azure, GCP) and their security features.
- Experience in designing and implementing secure cloud architectures and landing zones.
- Proficiency in leveraging cloud security services and features, including CSPM/CWPP, IaC guardrails, and cloud-native network security tools.
- Solid knowledge of Identity and Access Management (IAM), including designing and configuring roles, permissions, and secrets management.
- Experience in cloud-specific threat detection, incident response, and regulatory compliance mapping.
- Understanding of network security principles such as segmentation, firewall rules, and VPNs.
- Ability to work collaboratively with cross-functional teams.
Cyber & Network Security Practice Lead
Posted today
Job Description
Company Description
Valleysoft is a regional IT services provider serving clients worldwide. Since 2006, Valleysoft has collaborated with global partners like IBM across various industries to solve complex business and technical problems. We provide high-quality services through a client-focused, process-oriented approach with maturity in quality delivery and operational discipline. Our operational efficiency allows us to offer world-class services with repeatable and predictable results at optimal value.
Role Overview
We are seeking an experienced Cyber & Network Security Practice Lead to build, lead, and scale our cybersecurity and network security practice. The ideal candidate will combine deep technical expertise with strong leadership and business acumen to shape our security portfolio, deliver high-impact solutions to customers, and guide a team of security engineers and consultants.
This role requires someone who can balance strategic vision, practice development, client engagement, and hands-on technical leadership.
Key Responsibilities
Practice Leadership & Strategy
- Define and execute the strategy for the Cyber & Network Security practice in alignment with company goals.
- Build and manage a team of security architects, engineers, and consultants.
- Develop service offerings across network security, cloud security, endpoint security, threat detection & response, identity & access management (IAM), and vulnerability management.
- Drive innovation by staying ahead of emerging threats, technologies, and security frameworks.
- Establish best practices, methodologies, and governance for project delivery.
Technical & Delivery Excellence
- Provide thought leadership and architecture oversight for complex cybersecurity and network security projects.
- Design and implement solutions across firewalls, SIEM, SOAR, zero trust, intrusion detection/prevention, and secure networking.
- Oversee penetration testing, vulnerability scanning, and incident response activities.
- Ensure compliance with international and regional standards (ISO 27001, NIST, PCI DSS, GDPR, etc.).
- Serve as an escalation point for major security incidents and technical challenges.
Client & Stakeholder Engagement
- Act as the trusted advisor to executive stakeholders (CIO, CISO, CTO) at client organizations.
- Lead pre-sales engagements, including solution design, RFP responses, and presentations.
- Support business development by identifying new opportunities and expanding security service offerings.
- Build and maintain strong vendor/partner relationships with leading security providers (Cisco, Palo Alto, IBM Security, Splunk, Fortinet, Check Point, etc.).
Team Development & Leadership
- Mentor and grow a high-performing security team.
- Drive certifications, upskilling, and knowledge-sharing across the team.
- Foster a culture of security-first thinking across the organization.
Qualifications & Experience
- 10+ years of experience in Cybersecurity and Network Security, with at least 3+ years in a leadership role (Practice Lead, Head of Security, or equivalent).
- Strong expertise in network security architecture, firewalls, IDS/IPS, VPN, Zero Trust, and cloud security.
- Hands-on experience with tools and platforms like SIEM (Splunk, QRadar), SOAR, vulnerability scanners (Qualys, Tenable), and endpoint protection (CrowdStrike, SentinelOne, etc.).
- Proven experience leading large-scale security programs and managing cyber risk at the enterprise level.
- Certifications preferred: CISSP, CISM, CCSP, CEH, OSCP, CISA, vendor-specific (Cisco CCIE Security, Palo Alto, Fortinet NSE, etc.).
- Excellent leadership, communication, and stakeholder management skills.
- Experience in banking/finance, government, or telecom sectors is a plus.
Security Operations Specialist
Posted today
Job Description
Company: Estarta
Client: Fortinet
Location: Riyadh, Saudi Arabia (Relocation required if not currently residing in Saudi Arabia)
Job Summary:
Estarta is seeking a highly skilled and motivated SOC Engineer to join our cybersecurity team in partnership with Fortinet. The ideal candidate will have extensive hands-on experience with SIEM, SOAR, and Endpoint Detection & Response (EDR) platforms and a strong passion for enhancing threat detection, incident response, and security automation. In this role, you will play a critical part in monitoring, detecting, investigating, and responding to security threats across enterprise environments. This position is perfect for professionals who thrive in fast-paced SOC operations and are eager to contribute to improving an organization's overall security posture.
Key Responsibilities:
- Design, deploy, and manage enterprise SIEM solutions (e.g., FortiSIEM, Splunk, QRadar) to ensure comprehensive security monitoring and visibility.
- Develop, optimize, and maintain correlation rules, dashboards, alerts, and reports to improve detection accuracy and reduce false positives.
- Build, deploy, and manage SOAR playbooks to automate incident response tasks and integrate with EDR tools, ticketing systems, and threat intelligence platforms.
- Monitor and respond to security alerts from EDR solutions (e.g., FortiEDR, CrowdStrike, SentinelOne), performing triage and incident investigation.
- Conduct threat hunting and advanced investigations using indicators of compromise (IOCs), behavioral analytics, and threat intelligence.
- Collaborate with SOC analysts, incident responders, and IT teams to contain, mitigate, and remediate security incidents efficiently.
- Document and maintain playbooks, procedures, detection logic, and post-incident reports for operational consistency and knowledge sharing.
- Contribute to continuous improvement of detection coverage, response workflows, and overall cybersecurity strategy.
- Mentor junior SOC personnel and support team training initiatives.
Required Skills and Qualifications:
- Minimum 5 years of experience in cybersecurity operations, SOC engineering, or related roles.
- Strong expertise in SIEM platforms (FortiSIEM, Splunk, QRadar), including deployment, tuning, and reporting.
- Hands-on experience with SOAR tools (FortiSOAR, Cortex XSOAR, Tines) and workflow automation.
- Proficiency with EDR platforms (FortiEDR, CrowdStrike, Carbon Black, Microsoft Defender for Endpoint).
- Solid understanding of the MITRE ATT&CK framework, threat intelligence, and IOC correlation.
- Experience writing detection rules and queries (regex, KQL, or custom query languages).
- Working knowledge of scripting/automation using Python, PowerShell, or Bash.
- Strong analytical, problem-solving, and troubleshooting skills with high attention to detail.
- Excellent communication and collaboration skills in cross-functional teams.
- Relevant cybersecurity certifications (e.g., GCIH, GCIA, Splunk Certified, Fortinet NSE) are a plus.
Preferred Qualifications:
- Experience in cloud security monitoring (AWS, Azure, or Google Cloud) and integrating cloud-native security tools into SIEM/SOAR workflows.
- Knowledge of regulatory compliance frameworks (ISO 27001, NIST, GDPR, SOC 2).
- Familiarity with vulnerability management, threat modeling, and red team exercises.
Relocation: Candidates currently outside Saudi Arabia must be willing to relocate to Riyadh.