Cyber Defense Expert

Job Description

Overview:
An expert role in Detection & Threat Response (DTR) section is required to
move forward with the execution of what has been developed as plans, KPIs, CS
policy and standards. This role will support Internal Cybersecurity to insure
having well developed & executed end-to-end processes between stakeholders,
evaluate the required CS controls from threat perspective to enhance
Solutions' CS defense and detection.
In addition to that, will support in handling Cybersecurity incident and
threat, provide a Cybersecurity technical expertise to ensure the
effectiveness and efficiencies of Hybrid SOC, and act as a technical leader
for DTR initiatives as defined in Cybersecurity Strategy/Roadmap.
* Act as an SME in implementing future initiatives/projects that covers whole Solutions' environment (SIEM Solution, Threat Intel, Incident Response.).
* Identify the top potential threats that might severely impact Solutions with the set of required controls/recommendations to prevent/minimize its impact.
* Investigate and handle incidents as reported by line of business and IT functions, MSOC/Hybrid-SOC, or external entity.
* Lead the response to cybersecurity critical incidents and threats, as per defined processes and standards.
* Escalate relevant incidents as per the organization escalation criteria.
* Work closely with MSOC/Hybrid SOC to ensure effectiveness and quality of offered monitoring services to Solutions.
* Participate in industry response exercises and drills.
* Assist the function manager in managing and improving the function.
* Act as a technical advisor and leader for technical initiatives as defined in Cybersecurity Strategy or requested by management.
* Develop and define the scope of Solutions' attack surface and the associated techniques that might be used against Solutions.
* Assist in building the required organization wide frameworks, like threat intel & threat level's actions.

Personal Skills

• Good knowledge in executing cybersecurity projects.


• Strong knowledge of cybersecurity monitoring, threat and incident management processes and tools.


• Strong analytical and problem-solving skills.


• Excellent people-management skills.


• Ability to work in a high stress environment .


• Ability to interact with staff, peers and vendors on a technical and professional level.


• Experience in crisis management.

Technical Skills

• ‎5-‎8 years in Cybersecurity


• Knowledge of relevant regulatory frameworks and best practices such as NCA ECC, NIST CSF, ISO ‎27001, PCI-DSS, MITRE ATT&CK, Cyber Kill Chain, etc.


• Experience with SIEM tools, preferred splunk.


• Experience with DFIR tools, e.g. EDR, Network forensics


• SEC501: Advanced Security Essentials - Enterprise Defender (GCED Certification)


• SEC503: Intrusion Detection In-Depth (GCIA Certification)


• SEC504: Hacker Tools, Techniques, Exploits and Incident Handling (GCIH Certification)


• SEC511: Continuous Monitoring and Security Operations (GMON Certification)


• FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics (GCFA Certification)


• IHRP: Incident Handling & Response Professional (eCIR Certification)


• CISSP


• CISM

Education

Bachelor degree in computer science, IT engineering, Cybersecurity, or
equivalent degrees

Job Details

Job Location
Riyadh, Saudi Arabia
Company Industry
IT Services
Company Type
Employer (Private Sector)
Job Role
Engineering
Joining Date
‎2023-‎02-‎01
Employment Status
Full time
Employment Type
Employee
Manages Others
No
Job Division
Jafeer
Technical

Preferred Candidate

Career Level
Mid Career
Years of Experience
Min: ‎5 Max: ‎8
Residence Location
Saudi Arabia
Nationality
Saudi Arabia
Degree
Bachelor's degree