Cyber Security Specialist

Job description:

POSITION INFORMATION

Division: Network & Digital Department:Security Role Designation: Cybersecurity Specialist

ROLE PURPOSE

The Cybersecurity Specialist, under the supervision of the Manager Cybersecurity Operation, is in charge of developing, executing, and overseeing security measures to safeguard AWASR's infrastructure and data. This position performs security evaluations, creates plans for responding, and enforces adherence to industry rules and guidelines. The engineer helps the security operations team with incident response, vulnerability management, and improves AWASR's overall security resilience through collaboration. The main objective is to guarantee the security, reliability, and accessibility of AWASR's telecommunication and corporate infrastructure.

KEY ACCOUNTABILITIES AND RESPONSIBILITIES

* Assist in developing and enhancing AWASR's Security Operations Center (SOC) capabilities.

* Monitor security frameworks, systems, and alerts; respond rapidly to incidents.

* Report abnormal network or infrastructure activities to relevant teams.

* Perform troubleshooting, field work, and site visits as required.

* Maintain up-to-date asset and service registers.

* Monitor and triage SOC alert queues effectively.

* Review threat intelligence reports and sources for actionable insights.

* Draft and maintain SOC policies, procedures, and playbooks.

* Onboard and integrate new equipment, systems, and tools into SOC workflows.

* Monitor AWASR assets, logs, and data flows to detect potential intrusions.

* Generate and analyze SOC health and security operation metrics (weekly, monthly, quarterly, annual).

* Coordinate and participate in security incident response activities.

* Ensure compliance with TRA regulations, laws, and industry standards (security, privacy, and data protection).

* Conduct regular security audits, assessments, and exercises (tabletop, simulations).

* Evaluate, implement, and manage security technologies (IDS/IPS, firewalls, access controls, vulnerability scanning tools).

* Manage and maintain SIEM, EDRs, and other security platforms.

* Continuously assess the effectiveness of security measures and recommend improvements.

* Assess new security products and tools, and provide support and recommendations for enhancements.

* Manage relationships with security vendors, contractors, and third-party providers.

* Maintain and update emergency response plans.

* Collaborate with business continuity and disaster recovery teams to integrate security considerations.

* Communicate security risks, vulnerabilities, and threat intelligence to stakeholders and vendors.

* Act as point of contact during incidents with regulators, law enforcement, and industry partners.

* Support special security-related projects.

* Stay updated on emerging security threats, trends, and regulatory changes.

* Develop, implement, and maintain security incident handling procedures.

* Prepare regular security reports for executive management and stakeholders.

* Ensure security controls are embedded in the technology solution lifecycle.

* Preferred Skills:

* Experience with penetration testing and vulnerability assessment tools.

* Knowledge of network and application security testing methodologies.

* Ability to conduct internal audits and ethical hacking exercises.

Qualifications & Experience

* Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field.2 to 5 years of experience in the field related to the title of the position.

* Below certifications are a plus :

* Certified Ethical Hacker (CEH)

* GIAC Security Essentials (GSEC)

* Knowledge in managing and implementing security tools such as firewalls, intrusion detection/prevention systems (IDS/IPS), security information and event management (SIEM) systems, EDRs, antivirus and other security products.

* Knowledge in managing security incidents, including performing root cause analysis, coordinating with relevant teams, and implementing corrective actions.

* Strong background in conducting security assessments, vulnerability scans, and risk analyses.

* Knowledge of telecommunications networks, systems, and related security considerations.

* Knowledge of relevant laws, regulations, and industry standards related to cybersecurity, privacy, and data protection (e.g., GDPR, ITU, ISO 27001, TRA regulations).

* Knowledge in developing, drafting, and implementing security policies, procedures, and guidelines.

* Proficiency in network and system security

* Familiarity with secure architecture and design principles

* Knowledge of threat intelligence and vulnerability management

* Ability to manage security projects, including the deployment of security tools and technologies.

* Strong ability to communicate complex security concepts to both technical and non-technical stakeholders.

* Commitment to staying up to date with the latest cybersecurity trends, threats, and technologies.

* Adhere to all work-related tasks and requests from line manager.

Language Requirements for Role

* English mandatory, Arabic mandatory ( both verbal and written).

Key Skills and Knowledge

* Strong understanding of network protocols, firewalls, intrusion detection/prevention systems (IDS/IPS), and security information and event management (SIEM) systems.

* Good knowledge in security tools such as vulnerability scanners, endpoint protection, and encryption technologies.

* Knowledge with cloud security platforms and technologies.

* Knowledge of security frameworks and standards such as ISO 27001, NIST, CIS Controls, and GDPR.

* Familiarity with regulatory requirements and compliance standards related to security, privacy, and data protection.

* Knowledge in incident response, digital forensics, and root cause analysis.

* Ability to lead and coordinate security incident response efforts effectively if required.

* Good understanding of risk assessment methodologies and vulnerability management.

* Knowledge with threat intelligence gathering and analysis.

* Ability to review and process threat intelligence reports and sources.

* Knowledge in security assessments and penetration testing.

* Ability to identify security vulnerabilities and ensure their resolution.

* Knowledge in drafting and implementing security policies and procedures.

* Knowledge of SOC operations and best practices.

* Knowledge in monitoring security systems and analysing logs to identify potential threats and intrusions.

* Ability to effectively prioritize and automate the resolution of security issues.

* Strong communication skills to convey security risks, vulnerabilities, and threat intelligence to stakeholders.

* Ability to collaborate with internal teams, external partners, and regulatory agencies.

* Knowledge in managing security projects and initiatives.

* Ability to align security operations with organizational goals and objectives.

* Provide guidance and support to ensure effective performance and collaboration.

* Commitment to continuous improvement and staying updated on emerging security trends and technologies.

* Ability to align security operations with the department budget.

* Knowledge in selecting and purchasing security tools or acquiring managed services within budget constraints.

* Knowledge of business continuity and disaster recovery planning.

* Strong analytical skills to assess complex security issues.

* Ability to think critically and solve problems under pressure.

Profile description:

The Cybersecurity Specialist, under the supervision of the Manager Cybersecurity Operation, is in ch