Delivery jobs in Saudi Arabia

Job Summary:

What does this role aim to achieve in the firm/what impact does the role create

This role is critical in ensuring our clients’ IT environments are secure by identifying, analyzing, and managing vulnerabilities across their systems and networks. The ideal candidate will have hands-on experience with industry-leading vulnerability management tools, a strong understanding of security frameworks, and expertise in applying methodologies to drive effective vulnerability remediation.

Roles and Responsibilities:

Daily tasks and delivery expectation

• Vulnerability Assessments: Conduct regular vulnerability scans and assessments using tools such as Tenable, Qualys, and MS Defender Vulnerability Management, ensuring comprehensive coverage of client environments.
• Analysis and Prioritization: Analyze scan results, prioritize vulnerabilities based on risk level, and collaborate with clients to establish remediation timelines.
• Remediation Support: Work closely with client IT teams to guide and support vulnerability remediation efforts, leveraging methodologies such as the MITRE ATT&CK framework to contextualize threats and risk.
• Reporting and Documentation: Prepare detailed vulnerability reports, including metrics, trends, and recommendations, tailored to client requirements and aligned with regional compliance standards.
• Process Improvement: Continuously enhance vulnerability management processes and methodologies to improve efficiency, accuracy, and effectiveness.
• Client Collaboration: Act as a trusted advisor to clients, ensuring alignment with their security objectives and maintaining strong communication throughout vulnerability management engagements.
• Leverage automation tools and integrations to reduce manual efforts and enhance the effectiveness of GRC processes.

Awareness Program Support (Secondary Focus):

• Provide supplementary support for managed cybersecurity awareness programs using tools like KnowBe4, CoFense, and ProofPoint, when required.
• Assist in integrating awareness components into broader GRC frameworks to enhance organizational security culture.

Expected Skills:

Specific learned abilities or technical skills

• Hands-on experience with vulnerability management tools, particularly Tenable, Qualys, and MS Defender VM.
• Knowledge of vulnerability assessment methodologies, patch management processes, and threat modeling.
• Understanding of industry frameworks such as CVSS (Common Vulnerability Scoring System) and security standards like ISO 27001 and NIST.
• Familiarity with industry frameworks and standards, including:
• CVSS (Common Vulnerability Scoring System)
• ISO 27001 and NIST Cybersecurity Framework (CSF)
• CIS Controls for secure configurations and benchmarks
• MITRE ATT&CK for threat context and analysis
• OWASP standards for web application vulnerabilities
• Basic scripting knowledge and skills (PowerShell, Python, etc.).
• Strong analytical skills to interpret scan results and provide actionable insights.
• Excellent communication and reporting skills, with the ability to explain technical findings to non-technical stakeholders.
• Collaborative mindset to work effectively with client teams and internal stakeholders.
• Proactive and detail-oriented, with a commitment to delivering high-quality work.

Expected Competencies:

Values, behaviors & attitude

• Leadership
• Strategic mindset
• Stakeholder management
• Ability to influence
• Communicate with impact
• Project management
• Results driven
• Drive organizational excellence

Required Language Skills: Proficient in written and spoken English. Arabic is a plus.

Minimum Education and Specific Qualification:

• Bachelor’s degree in Cybersecurity, Information Technology, or a related field.
• Relevant certifications such as CompTIA Security+, CEH, or equivalent.
• 3–4 years of experience in vulnerability management or a related cybersecurity role.

Years of Experience: 3-4 years

Travel Requirements: Not Specified

Available for Work Visa Sponsorship? No

Government Clearance Required? No

Job Posting End Date:

Tagged as: Internal Firm Services