Senior IT Security Engineer

Senior IT Security Engineer

Location: Riyadh, Saudi Arabia

About the Company:

Webook.com is Saudi Arabia's #1 private event ticketing and experience booking platform, serving some of the largest mega events in the Kingdom with over half a billion in sales. We are part of the Supertech Group, which includes UXBERT Labs, a leading digital and user experience design agency in the GCC, and Kafu Games, the largest esports tournament platform in MENA.

Job Summary:

The Senior IT Security Engineer will be responsible for designing, implementing, and maintaining the organization's IT security infrastructure. This role involves protecting systems, networks, and data from security threats, as well as developing security policies and procedures to mitigate risks. The ideal candidate will have extensive experience in cybersecurity, a deep understanding of security protocols, and the ability to lead security initiatives.

Key Responsibilities:

1. Design and implement security architectures and solutions that align with industry standards and best practices.
2. Evaluate and recommend security technologies and solutions to enhance overall security posture.
3. Collaborate with IT teams to integrate security measures into system designs and operations.
4. Monitor security events and alerts, conducting thorough investigations of incidents and breaches.
5. Develop and implement incident response plans to effectively address and remediate security incidents.
6. Perform vulnerability assessments and penetration testing to identify weaknesses and recommend remediation strategies.
7. Develop and enforce security policies, procedures, and guidelines in accordance with regulatory requirements and industry standards.
8. Ensure compliance with relevant regulations (e.g., GDPR, HIPAA, PCI DSS) and organizational security policies.
9. Conduct regular security audits and assessments to evaluate the effectiveness of security controls.
10. Identify and assess potential security risks and vulnerabilities across the organization's IT environment.
11. Develop risk mitigation strategies and ensure appropriate measures are in place to safeguard sensitive data and systems.
12. Conduct regular reviews of security protocols and adjust as necessary based on evolving threats.
13. Conduct security awareness training for employees to promote a culture of security within the organization.
14. Stay updated on the latest cybersecurity trends, threats, and technologies, and share knowledge with the IT team and organization.
15. Work closely with cross-functional teams to ensure security measures are integrated into all projects and operations.
16. Prepare and present regular reports on security incidents, vulnerabilities, and the overall security posture of the organization to stakeholders.
17. Serve as the primary point of contact for all security-related issues and inquiries.

Qualifications:

1. Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
2. Proven experience in IT security, with at least [insert number] years in a senior security role.
3. Strong knowledge of security frameworks (e.g., NIST, ISO 27001) and security technologies (e.g., firewalls, intrusion detection/prevention systems, SIEM).
4. Experience with threat modeling, risk assessment, and incident response.
5. Relevant certifications such as CISSP, CISM, CEH, or equivalent are highly desirable.
6. Excellent analytical and problem-solving skills, with the ability to work under pressure and manage multiple priorities.