Cybersecurity Analyst

Department: Information Security Monitoring

Employment Type: Full Time

Location: KSA

Description

Key Responsibilities

• Strong understanding of cloud services such as Google Cloud Platform (GCP), Terraform, CI/CD Security, Kubernetes Security, GitLab, and Product Security features and fixes.
  
  

• Perform Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST) for Web, Mobile, and API applications.
• Conduct Infrastructure Vulnerability Assessments and Penetration Testing on systems, switches, and servers.
  
  

• Manage enterprise-level Anti-Virus (AV) solutions to protect against malware, viruses, and other malicious threats.
  
  

• Monitor the security of the entire corporate IT infrastructure, including:
  • Network security controls
  • Anti-malware implementation
  • Cloud Security Posture Management (CSPM)
  • Data Loss Prevention (DLP)
  • Firewall rulesets
  • Backup & disaster recovery
  • Vulnerability management processes
    
    

• Work across product and engineering teams to prioritize security features and bugs.
• Collaborate with DevOps and other teams to implement and improve security controls and processes.
  
  

• Conduct phishing simulations and other awareness exercises to assess employee susceptibility to social engineering attacks.
• Provide targeted training to enhance cyber resilience.
  
  

• Automate and improve Incident Response procedures.
• Develop security playbooks to reduce manual effort in responding to cyber incidents.
• Monitor threats and vulnerabilities and conduct threat intelligence research.
• Develop detection rules using various security tools.

Skills, Knowledge and Expertise

• Degree in Cybersecurity, Information Technology, Computer Science, Software Engineering, or a related field.
• 0-2 years of experience in cybersecurity operations.
• Knowledge of IT security challenges and strategies in a fast-paced Fintech environment.
•  Security certifications (Preferred but not required): CEH, CompTIA Security+, etc.
• Strong communication, stakeholder management, and influencing skills.
• Experience in cross-team collaboration to deliver security solutions.
• Ability to develop and deliver cybersecurity training.
• Experience working in a culturally diverse environment.
• Knowledge of online technologies, payment methods, content delivery networks, REST APIs, microservices, and application development.
• Programming & scripting skills (Bash, Python, etc.).