Senior Network & Email Security Engineer Job Riyadh area,Riyadh Region Saudi Arabia,IT/Tech

Job Title:

Senior Network & Email Security Engineer

Location:

Riyadh

Job Summary:

Maintain a hardened perimeter and secure enterprise email with full operational evidence for audits and transition stability. This role owns day-to-day operations, hygiene, incident response, and change control across network security controls and the email security gateway in Client’s production environment.

In-scope technologies (representative, non-exhaustive)

Network Security:
Next‑Gen Firewalls (e.g., Palo Alto / equivalent), site‑to‑site & remote‑access VPN, IPS/Threat Prevention, URL filtering, Wild Fire/sandboxing (or equivalent), SSL decryption where applicable, HA/failover, logging to SIEM.
Email Security:
Secure Email Gateway (e.g., Proofpoint or equivalent): inbound/outbound policies, anti‑phishing/BEC, impersonation protection, URL rewriting/sandboxing, attachment detonation, quarantine workflows, user digests, SPF/DKIM/DMARC posture checks (with Messaging team).

Responsibilities:

Operational Ownership (Network)

Daily health checks for NGFW clusters, threat/content updates, license/status, HA sync/state.
Rulebase hygiene: reduce unused/overlapping rules, enforce least privilege, maintain application‑based policies, validate security profiles (AV/IPS/URL filtering).
Remote access posture (e.g., Global Protect or equivalent): portal/gateway policies, MFA integration with IAM team, and user experience SLAs.
Traffic troubleshooting: ACC/log analysis, PCAPs, policy simulation; coordinate fixes with platform owners.

Operational Ownership (Email Security)

Inbound/outbound policy tuning; phishing/BEC controls and executive spoof protection.
URL and attachment sandboxing effectiveness; manage quarantine queues and approval flows.
Partner with Messaging team on SPF/DKIM/DMARC alignment; monitor sending reputation and delivery health.
Provide user‑facing guidance (digests, safe release, false positive/negative handling).

Incident Response & Threat Handling

Lead P1 incidents across perimeter/email; coordinate with SOC (SIEM alerts, playbooks).
Rapid containment (block rules, URL detonation verdicts, sender throttling), evidence capture, and RCA with corrective actions.

Change, Patch & Upgrades

Prepare CAB‑ready change plans (impact, test, rollback) for signature/content updates, firmware upgrades, and policy changes.
Post‑change validation and documentation.

Compliance & Evidence

Maintain audit‑ready artifacts: change tickets/approvals, policy exports, content update logs, quarantine reports, incident timelines, and monthly posture reviews.
Familiarity with SAMA & NCA CSF audit and regulations requirements.
Support internal/external audits with traceable evidence.

Documentation & KT

Own runbooks/SOPs (policy hygiene, incident triage, quarantine workflows, upgrade steps).
Mentor L1/L2; drive shadow → reverse-shadow.

Requirements

Required Qualifications:

5+ years experience in enterprise network and email security operations.
Hands‑on with NGFWs (preferably Palo Alto) and a major Secure Email Gateway (e.g., Proofpoint).
Strong change/incident management discipline; clear written reports in English (Arabic a plus).
Comfortable with packet analysis, SSL decryption concepts, and mail flow basics with messaging teams.

Preferred Qualifications:

Banking/regulated‑sector experience.
Experience integrating controls with SIEM/SOAR.
Certifications:

PCNSE (or equivalent NGFW), vendor SEG certification, ITIL.

#J-18808-Ljbffr


Increase/decrease your Search Radius (miles)



Job Posting Language