Senior Network & Email Security Engineer – Cyber Defense Specialist

Job Openings Senior Network & Email Security Engineer – Cyber Defense Specialist (5+ Years)

Location: Riyadh, Saudi Arabia (On-site)
Employment Type: Full-Time
Eligibility: Saudi Nationals Only
Company: One of the Global Big 5 Consulting Firms

We are seeking a highly skilled Senior Network & Email Security Engineer to join a leading Big 5 consulting firm, supporting a mission-critical, enterprise-scale environment within a regulated sector.

This role is responsible for maintaining a hardened network perimeter and securing enterprise email systems, ensuring operational excellence, audit readiness, and stability across all security controls. You will own day-to-day operations, incident response, and change governance across network and email security platforms.

• Perform daily health checks for Next-Generation Firewall (NGFW) environments, including cluster status, updates, licensing, and HA synchronization
• Maintain and optimize firewall rulebases by removing unused or redundant rules and enforcing least privilege access
• Ensure proper configuration of security profiles (IPS, Anti-Virus, URL Filtering, Threat Prevention)
• Manage remote access solutions (e.g., VPN), ensuring secure configurations and seamless user experience
• Troubleshoot traffic and connectivity issues using logs, packet capture (PCAP), and policy simulations

• Manage and optimize Secure Email Gateway policies for inbound and outbound email protection
• Strengthen defenses against phishing, BEC (Business Email Compromise), and impersonation attacks
• Oversee URL rewriting, sandboxing, and attachment detonation processes
• Manage quarantine workflows, user notifications, and false positive/negative handling
• Collaborate with messaging teams on SPF, DKIM, and DMARC alignment and email delivery health
• Lead and coordinate response to high-priority (P1) security incidents
• Work closely with SOC teams to analyze SIEM alerts and execute response playbooks
• Implement rapid containment measures (blocking rules, sender controls, sandbox verdicts)
• Conduct root cause analysis (RCA) and implement corrective and preventive actions
• Prepare CAB-ready change requests with full impact analysis, testing plans, and rollback strategies
• Execute firmware upgrades, signature updates, and policy changes
• Perform post-change validation and ensure proper documentation

• Maintain comprehensive, audit-ready documentation including change records, policy exports, logs, and incident reports
• Ensure alignment with regulatory frameworks such as SAMA and NCA Cybersecurity Framework (CSF)
• Support internal and external audits with clear, traceable evidence and reporting

• Develop and maintain SOPs and runbooks for operational processes and incident handling
• Mentor junior engineers (L1/L2) and support knowledge transfer initiatives
• Drive continuous improvement in operational practices and documentation standards

• Network Security: NGFW (Palo Alto or equivalent), VPN (site-to-site & remote access), IPS, URL filtering, sandboxing, SSL decryption, HA/failover
• Email Security: Secure Email Gateway (Proofpoint or equivalent), phishing/BEC protection, sandboxing, quarantine management
• Monitoring & Integration: SIEM/SOAR platforms, log analysis, threat intelligence integration

• 5+ years of experience in enterprise network and email security operations
• Hands-on experience with NGFW platforms (preferably Palo Alto)
• Experience with Secure Email Gateways (e.g., Proofpoint or equivalent)
• Strong understanding of incident and change management processes
• Proficiency in packet analysis, SSL decryption concepts, and email flow fundamentals
• Strong communication and reporting skills (English required, Arabic is a plus)

• Experience in banking or regulated environments
• Fami…