cbt-12

Senior Network & Email Security Engineer – Cyber Defense Specialist (5+ Years)

Company

cbt-12

Role

Senior Network & Email Security Engineer – Cyber Defense Specialist (5+ Years)

Location

Riyadh, Saudi Arabia

Job type

Full-time

Found on Mokaru

Salary

Not disclosed by employer

Job description

Location: Riyadh, Saudi Arabia (On-site)

Employment Type: Full-Time

Eligibility: Saudi Nationals Only

Company: One of the Global Big 5 Consulting Firms

About the Role

We are seeking a highly skilled Senior Network & Email Security Engineer to join a leading Big 5 consulting firm, supporting a mission-critical, enterprise-scale environment within a regulated sector.

This role is responsible for maintaining a hardened network perimeter and securing enterprise email systems, ensuring operational excellence, audit readiness, and stability across all security controls. You will own day-to-day operations, incident response, and change governance across network and email security platforms.

Key Responsibilities

Network Security Operations

• Perform daily health checks for Next-Generation Firewall (NGFW) environments, including cluster status, updates, licensing, and HA synchronization

• Maintain and optimize firewall rulebases by removing unused or redundant rules and enforcing least privilege access

• Ensure proper configuration of security profiles (IPS, Anti-Virus, URL Filtering, Threat Prevention)

• Manage remote access solutions (e.g., VPN), ensuring secure configurations and seamless user experience

• Troubleshoot traffic and connectivity issues using logs, packet capture (PCAP), and policy simulations

Email Security Operations

• Manage and optimize Secure Email Gateway policies for inbound and outbound email protection

• Strengthen defenses against phishing, BEC (Business Email Compromise), and impersonation attacks

• Oversee URL rewriting, sandboxing, and attachment detonation processes

• Manage quarantine workflows, user notifications, and false positive/negative handling

• Collaborate with messaging teams on SPF, DKIM, and DMARC alignment and email delivery health

Incident Response & Threat Management

• Lead and coordinate response to high-priority (P1) security incidents

• Work closely with SOC teams to analyze SIEM alerts and execute response playbooks

• Implement rapid containment measures (blocking rules, sender controls, sandbox verdicts)

• Conduct root cause analysis (RCA) and implement corrective and preventive actions

Change Management & Upgrades

• Prepare CAB-ready change requests with full impact analysis, testing plans, and rollback strategies

• Execute firmware upgrades, signature updates, and policy changes

• Perform post-change validation and ensure proper documentation

Compliance & Audit Readiness

• Maintain comprehensive, audit-ready documentation including change records, policy exports, logs, and incident reports

• Ensure alignment with regulatory frameworks such as SAMA and NCA Cybersecurity Framework (CSF)

• Support internal and external audits with clear, traceable evidence and reporting

Documentation & Knowledge Transfer

• Develop and maintain SOPs and runbooks for operational processes and incident handling

• Mentor junior engineers (L1/L2) and support knowledge transfer initiatives

• Drive continuous improvement in operational practices and documentation standards

Technology Environment

• Network Security: NGFW (Palo Alto or equivalent), VPN (site-to-site & remote access), IPS, URL filtering, sandboxing, SSL decryption, HA/failover

• Email Security: Secure Email Gateway (Proofpoint or equivalent), phishing/BEC protection, sandboxing, quarantine management

• Monitoring & Integration: SIEM/SOAR platforms, log analysis, threat intelligence integration

Candidate Profile

Required Qualifications

• Saudi National

• 5+ years of experience in enterprise network and email security operations

• Hands-on experience with NGFW platforms (preferably Palo Alto)

• Experience with Secure Email Gateways (e.g., Proofpoint or equivalent)

• Strong understanding of incident and change management processes

• Proficiency in packet analysis, SSL decryption concepts, and email flow fundamentals

• Strong communication and reporting skills (English required, Arabic is a plus)

Preferred Qualifications

• Experience in banking or regulated environments

• Familiarity with SIEM/SOAR integrations and security automation

• Relevant certifications (e.g., PCNSE, email security certifications, ITIL)

Success Metrics (First 90–180 Days)

• Improved firewall rulebase hygiene with reduced redundancy and full security profile coverage

• High availability stability with zero unplanned failovers

• VPN performance aligned with defined SLAs and MFA enforcement

• Measurable reduction in phishing/BEC incidents and improved email security effectiveness

• Timely delivery of audit-ready documentation and successful internal audit validation

Working Model

• On-site at client premises in Riyadh (Sunday–Thursday)

• On-call support required for critical incidents (P1) and planned changes

Why Join This Opportunity

• Be part of one of the world’s leading Big 5 consulting firms

• Work in a highly secure, regulated, enterprise-scale environment

• Exposure to advanced cybersecurity technologies and threat landscapes

• Opportunity to lead critical security operations with real business impact

• Strong career growth within cybersecurity and consulting domains
