About the job
The Sr. Cybersecurity Specialist leads the company's cybersecurity defense program and its day-to-day activities. Reporting directly to the CISO within the Cybersecurity department, the role focuses on monitoring, detecting, and responding to cybersecurity threats: triaging alerts, analyzing security data, contributing to firewall and EDR rule improvements, and ensuring the company's assets are protected. The role also covers threat hunting, vulnerability management, and implementing threat intelligence controls to maintain a robust cybersecurity posture.
Responsibilities
- Monitoring and Detecting: Handle alerts from cybersecurity systems such as the firewall (FW), web application firewall (WAF), endpoint detection and response (EDR), vulnerability management, data loss prevention (DLP), data classification, intrusion detection (IDS), and network access control (NAC) to enhance protection.
- Ensure all company assets and critical functions are monitored by the SOC.
- Analyze security alerts generated by security appliances and tickets issued by the SOC.
- Review and update security use cases in security appliances.
- Contribute to improving Firewall and EDR rules.
- Implement related cybersecurity policies and standards.
- Evaluate and report on the security posture to the line manager.
- Contribute to implementing related security controls in security programs.
- Coordinate with relevant departments and employees to address the above tasks.
- Monitor threat feeds, threat advisories, latest vulnerabilities, and security incidents to enhance the company's environment security.
- Provide regular reports on the progress of work to the management.
Threat Hunting
- Triage every alert to confirm whether it is a true positive or a false positive.
- Conduct threat hunting to proactively find threats and weaknesses in the company's environment that existing alerting has not surfaced.
Vulnerability Management
- Scan company assets to detect vulnerabilities and follow up to fix them.
- Contribute to penetration testing on the company's network, web applications, and mobile apps by developing requirements and evaluating penetration testing reports.
Threat Intelligence
- Implement related controls based on the SAMA Cyber Threat Intelligence Framework.
- Sweep the environment for Indicators of Compromise (IoCs) and run the Sigma and YARA rules supplied by threat intelligence feeds or regulatory advisories.
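As an added illustration of the IoC and Sigma sweep described under Threat Intelligence (and of the alert triage under Threat Hunting), not part of this job posting: a small Python script that matches a constructed IoC feed and a constructed Sigma-style rule against constructed log records. The feed entries, the rule, the log lines and the hostnames are invented sample data (the IP addresses use documentation ranges and the domains use reserved TLDs). Only a subset of Sigma is implemented here, a single `selection` with `|contains`, `|startswith` and `|endswith` modifiers and `condition: selection`; a real sweep would compile the rules with pySigma or sigma-cli for the SIEM, and YARA file scanning is not shown.

```python
"""Sweep constructed log records for IoC hits and a minimal Sigma-style rule.

Added example, not from the job posting. All indicators, rules and logs
below are constructed sample data, not real threat intelligence.
"""

# Constructed IoC feed in the shape a CTI advisory might deliver (not real indicators).
IOC_FEED = {
    "sha256": {"a1b2c3d4" * 8},              # constructed 64-hex placeholder hash
    "domain": {"update-cdn.example", "telemetry.invalid"},
    "ipv4": {"203.0.113.45"},                # TEST-NET-3 documentation range
}

# Constructed Sigma-style rule (subset of Sigma syntax; see module docstring).
SIGMA_RULE = {
    "title": "Suspicious encoded PowerShell command line",
    "logsource": {"product": "windows", "category": "process_creation"},
    "detection": {
        "selection": {
            "Image|endswith": "\\powershell.exe",
            "CommandLine|contains": ["-enc", "-encodedcommand"],
        },
        "condition": "selection",
    },
}

# Constructed log records as a SIEM might normalise them (hostnames invented).
LOGS = [
    {"category": "process_creation", "host": "ws-014",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": "powershell.exe -nop -w hidden -enc SQBFAFgA"},
    {"category": "process_creation", "host": "ws-014",
     "Image": r"C:\Windows\System32\cmd.exe", "CommandLine": "cmd /c dir"},
    {"category": "dns", "host": "ws-014", "query": "update-cdn.example"},
    {"category": "network", "host": "srv-02", "dst_ip": "203.0.113.45"},
    {"category": "network", "host": "srv-02", "dst_ip": "198.51.100.7"},
    {"category": "file_create", "host": "ws-014", "sha256": "a1b2c3d4" * 8},
]

# Record fields that can carry an indicator value.
IOC_FIELDS = ("sha256", "query", "domain", "dst_ip", "src_ip")


def field_matches(record, key, expected):
    """Evaluate one Sigma selection entry ("Field|modifier": value-or-list).

    Sigma string matching is case-insensitive; a list of values is an OR.
    """
    field, _, modifier = key.partition("|")
    value = record.get(field)
    if value is None:
        return False
    value = str(value).lower()
    ops = {
        "": value.__eq__,
        "contains": value.__contains__,
        "startswith": value.startswith,
        "endswith": value.endswith,
    }
    if modifier not in ops:
        raise ValueError(f"unsupported Sigma modifier: {modifier}")
    candidates = expected if isinstance(expected, list) else [expected]
    return any(ops[modifier](str(c).lower()) for c in candidates)


def sigma_matches(rule, record):
    """True if the record's log source and every selection field match (AND)."""
    detection = rule["detection"]
    if detection.get("condition") != "selection":
        raise ValueError("only 'condition: selection' is implemented here")
    if rule["logsource"].get("category") != record.get("category"):
        return False
    return all(field_matches(record, k, v) for k, v in detection["selection"].items())


def ioc_matches(feed, record):
    """Return (indicator_type, value) pairs for any feed entry seen in the record."""
    hits = []
    for field in IOC_FIELDS:
        value = record.get(field)
        if value is None:
            continue
        value = str(value).lower()
        if value in feed["sha256"]:
            hits.append(("sha256", value))
        # Exact domain or a subdomain of a listed domain.
        if value in feed["domain"] or any(value.endswith("." + d) for d in feed["domain"]):
            hits.append(("domain", value))
        if value in feed["ipv4"]:
            hits.append(("ipv4", value))
    return hits


def sweep(records, feed, rules):
    """Run the IoC and Sigma checks over every record; each hit still needs triage."""
    findings = []
    for index, record in enumerate(records):
        for kind, value in ioc_matches(feed, record):
            findings.append({"record": index, "host": record["host"],
                             "type": f"ioc:{kind}", "value": value})
        for rule in rules:
            if sigma_matches(rule, record):
                findings.append({"record": index, "host": record["host"],
                                 "type": "sigma", "value": rule["title"]})
    return findings


if __name__ == "__main__":
    for finding in sweep(LOGS, IOC_FEED, [SIGMA_RULE]):
        print(finding)
```

Every line `sweep` returns is a candidate, not a confirmed incident: the encoded PowerShell hit on `ws-014` and the feed-listed domain and IP contacts are exactly the kind of alert the Threat Hunting section asks the specialist to confirm or dismiss as false positives before escalating.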
Qualifications
- 2-3 years of experience in cybersecurity defense operations.
- Good knowledge of implementing cybersecurity defense controls.
- Knowledge of SAMA CSF CTI implementation.
- Familiarity with cybersecurity solutions (FW, WAF, EDR, DLP, SIEM, etc.).
- Bachelor’s Degree in CS, IT, or a relevant field.
- One or more information security professional certificates preferred, such as Security+, eJPT, CEH, or a Blue Team certificate.