Cyber Security Engineer Lean Technologies  

What you'll Own

• Cloud Security

  • Secure cloud environments by implementing best practices for IAM, network security, logging, monitoring, and encryption.

  • Configure and manage cloud-native security services such as security groups, WAF, SIEM integrations, and key management solutions.

  • Conduct cloud security posture reviews in alignment with relevant regulatory requirements and cybersecurity frameworks, such as SAMA CSF, NCA ECC, and other applicable local and international standards.

  • Support secure architecture design and threat modeling for cloud-based services.

• SOC Operations & Monitoring

  • Monitor and investigate security alerts from SIEM, EDR, and cloud security tools.

  • Perform triage, analysis, and escalation of security incidents in line with defined SLAs.

  • Participate in incident response activities, including containment, root cause analysis, and post-incident reporting.

  • Maintain and improve detection rules, playbooks, and SOC procedures.

• Vulnerability Assessment & Penetration Testing

  • Conduct regular vulnerability scans on cloud infrastructure, applications, and networks.

  • Analyze findings, assess risk, and work with engineering teams on remediation.

  • Support internal and external penetration testing exercises and track remediation of findings.

  • Validate remediation actions and continuously improve vulnerability management processes.

• Identity, Access & Data Protection

  • Implement and manage IAM controls, least-privilege access, and MFA across environments.

  • Support encryption, key management, and secure data handling in line with KSA PDPL requirements.

• Regulatory & Compliance Support

  • Support security controls and technical evidence required for SAMA CSF, NCA ECC, PDPL, and related KSA regulatory requirements.

  • Collaborate with compliance and audit teams during assessments, audits, and regulatory reviews.

  • Ensure technical security controls align with ISO 27001 and SOC 2 requirements.

• Continuous Improvement & Collaboration

  • Stay up to date on emerging threats, vulnerabilities, and cloud security trends.

  • Contribute to security documentation, runbooks, and technical standards.

  • Support security awareness initiatives and promote secure engineering practices.