Cyber Security Senior Engineer

Tawteen

Lead the vulnerability management lifecycle, including scanning, validation, prioritisation, remediation tracking and closure verification.

Perform technical assessment of vulnerabilities, misconfigurations, alerts and penetration testing findings, and define risk-based remediation actions.

Implement, tune and maintain cyber security technologies and technical controls within assigned scope, including endpoint, network, identity, email, web and monitoring controls as applicable.

Review security architecture, configurations, hardening baselines and segmentation arrangements, and recommend practical improvements.

Support investigation, containment and recovery activities for cyber security incidents; provide technical analysis, evidence gathering and root-cause input.

Coordinate remediation actions with infrastructure, applications, networks, telecoms, service owners and third-party vendors to ensure timely risk reduction.

Conduct technical assurance reviews for systems, changes, projects and exceptions to confirm compliance with security requirements and control standards.

Develop and maintain security procedures, playbooks, technical standards and documentation for assigned cyber security services and controls.

Prepare clear technical reports, dashboards and management updates covering vulnerabilities, incidents, risks, trends and control effectiveness.

Support internal and external audits, surveillance reviews and compliance assessments, and ensure timely closure of observations and action plans.

Provide expert security advice to projects and operational teams on secure implementation, hardening requirements and control design.

Identify automation and efficiency opportunities to improve repeatable cyber security tasks, reporting and monitoring effectiveness.

Maintain current awareness of threat trends, attack techniques, defensive practices, regulatory expectations and relevant technologies.

Provide technical guidance and knowledge sharing to junior staff, contractors and project resources as required.

Perform other related duties as assigned.

Demonstrate knowledge of Asset Management, HSE Management System and IT Security Standard requirements according to ISO 55001, ISO 14001, ISO 45001 / OHSAS 18001 and ISO 27001 in carrying out assigned responsibilities.