Information Security Specialist

The Information Security Specialist is responsible for delivering the required security services and overseeing the implementation of vulnerability management requirements, file integrity monitoring, endpoint and network threat detection systems, and incident response activities. This role involves providing operational and technical support to ensure the effectiveness of security controls and maintaining a resilient security posture across the organization.

• Deliver and supervise the implementation of vulnerability management, file integrity monitoring, and endpoint and network threat detection systems.
• Conduct system and network assessments to identify security vulnerabilities and weaknesses.
• Analyze vulnerability scan results and determine risks in alignment with security policies, controls, and applicable standards.
• Perform both technical and non-technical vulnerability assessments and evaluate their impact on the environment.
• Provide actionable recommendations to mitigate known and newly discovered vulnerabilities.
• Measure the effectiveness of existing defensive controls and ensure adequate protection of systems and networks.
• Conduct security scanning for databases, systems, and networks to identify security gaps.
• Troubleshoot and resolve security-related issues promptly.
• Collect and analyze incident-related data to identify root causes and assess impacts.
• Contribute to developing remediation recommendations and preventing recurrence of security incidents.
• Support investigations related to security incidents and coordinate efforts with relevant teams.
• Assist in security operations center (SOC) activities, including monitoring risks and detecting ongoing threats.
• Maintain strong knowledge of security best practices, methodologies, and industry standards.
• Effectively communicate with teams, stakeholders, and leadership.
• Apply methodologies and tools for scanning and assessing systems and networks for vulnerabilities.
• Maintain understanding of cyber threat landscapes and risks relevant to the organization.
• Ensure compliance with national cybersecurity frameworks, regulations, and policies.
• Demonstrate proficiency in both Arabic and English languages.

• Bachelor’s degree in Computer Engineering, Computer Science, or a related discipline from a recognized institution.
• Minimum of 5 years of experience in vulnerability assessment, file integrity monitoring, endpoint and network threat detection, or related security systems.
• Experience in vulnerability scanning of systems, networks, and databases.
• Strong troubleshooting and technical problem-solving skills in security environments.
• Experience in security incident analysis and contributing to forensic investigations.
• Strong knowledge of risk assessment methodologies and mitigation strategies.
• Familiarity with national cybersecurity regulations and organizational compliance requirements.Knowledge of security threats, vulnerability types, and assessment techniques.
• Effective communication and coordination skills.

• Specialized certification in vulnerability assessment and file monitoring tools such as:
• Qualys VM/WAS, Qualys Certified Specialist, Tripwire Enterprise (FIM).
• Cybersecurity and security analytics certifications such as:
• CYSA+, CCNA CyberOps.
• Digital forensics certifications such as:
• CHFI, DFIR or equivalent.
• Training or certification in firewall technologies such as Palo Alto.