Cybersecurity Operations Expert (Saudi) - Riyadh, KSA
At a Glance
- Category
- 💻 Technology
- Level
- Mid-Level
- Type
- Full-time
What's Your Score?
- See the score DeepSource Technologies's ATS gives your resume
- Get AI-rewritten bullet points
- Download Gulf-ready CV
60 seconds. $5.88 one-time.
Cybersecurity Operations Expert responsible for supporting the first line of defense through the day-to-day execution, monitoring, and improvement of operational security controls across enterprise IT environments. The role focuses on protecting systems, networks, endpoints, applications, and users by detecting threats, responding to security events, coordinating remediation activities, and maintaining effective cybersecurity operations.
Key responsibilities include continuous monitoring of security alerts and events, email security, and other operational security platforms, and ensuring timely containment and recovery actions. The role also supports vulnerability management by tracking findings, coordinating remediation with infrastructure and application teams, and validating closure of identified risks.
The Cybersecurity Operations Expert works closely with IT operations, network, cloud, server, endpoint, and application teams to ensure security controls are implemented and functioning effectively as part of daily business and technology operations.
Responsibilities also include supporting identity and access security operations, reviewing privileged access activities, enforcing security baselines, maintaining playbooks and operational procedures, and contributing to security awareness from an operational perspective.
This position is part of the first line of defense and is therefore focused on operating and executing controls rather than performing independent oversight, policy governance, regulatory compliance assurance, or internal audit activities associated with the second or third lines of defense.
Rsponsibilities:
- Monitor and analyze cybersecurity alerts, events, and incidents.
- Perform initial triage, investigation, containment support, and escalation of security incidents.
- Support endpoint, network, cloud, and email security operations.
- Coordinate vulnerability remediation with relevant technical teams.
- Execute and maintain operational security controls and monitoring use cases.
- Monitor and support security-related patching, platform upgrades, and operational technology refresh activities to ensure minimal security exposure and service disruption.
- Support security activities during system, tool, and infrastructure migrations, including validation of controls, configuration reviews, and post-migration security checks.
- Review and validate security integrations between cybersecurity tools, IT systems, cloud platforms, and third-party solutions to ensure proper logging, alerting, connectivity, and control effectiveness.
- Support access control reviews, privileged access monitoring, and identity-related security operations.
- Maintain incident response procedures, runbooks, and operational documentation.
- Track remediation actions and follow up on risk reduction activities.
- Contribute to continuous improvement of cybersecurity activities and processes.
- Support business resilience by reducing operational cyber risk exposure.Requirements
- Bachelor’s degree in Cybersecurity, Information Security, Computer Science, Information Technology, Engineering, or a related field.
- 5+ years of experience in cybersecurity operations, security monitoring, incident response, vulnerability management, or security engineering functions.
- Hands-on experience with enterprise security technologies, including SIEM, EDR/XDR, email security, identity and access management, network security, cloud security, and vulnerability management platforms.
- Strong understanding of cybersecurity frameworks, attack techniques, threat detection methodologies, and security operations best practices.
- Experience working in hybrid environments spanning on-premises infrastructure, cloud platforms, and third-party services.Preferred Certifications
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Requirements
- •Monitor and analyze cybersecurity alerts, events, and incidents.
- •Perform initial triage, investigation, containment support, and escalation of security incidents.
- •Support endpoint, network, cloud, and email security operations.
- •Coordinate vulnerability remediation with relevant technical teams.
- •Execute and maintain operational security controls and monitoring use cases.
- •Support security activities during system and infrastructure migrations.
- •Review and validate security integrations between systems.
- •Support access control reviews and identity-related security operations.
Nice to Have
- •Experience with SIEM tools
- •Knowledge of email security platforms
- •Familiarity with identity and access management
Responsibilities
- •Protect systems, networks, endpoints, applications, and users by detecting threats.
- •Respond to security events and coordinate remediation activities.
- •Support vulnerability management by tracking findings and coordinating remediation.
- •Maintain playbooks and operational procedures.
- •Contribute to security awareness from an operational perspective.
- •Support business resilience by reducing operational cyber risk exposure.
Related Jobs1 similar job
Browse Similar
- See the score DeepSource Technologies's ATS gives your resume
- Get AI-rewritten bullet points
- Download Gulf-ready CV
60 seconds. $5.88 one-time.
DeepSource provides an AI-powered platform for automated code review, helping development teams improve code quality and reduce bugs. It serves software engineering teams of all sizes.