Cybersecurity Specialist

• Provide high complex support on cybersecurity within MNGHA IT services including defense and resilience,
industrial control system and third party and cloud computing as applicable in the area of assignment and
implement all cybersecurity risk controls and applicable policies, standards and best practices to protect IT
systems, data and technology assets.
• Collaborate with IT departments/staff to investigate and resolve any cyber risks. Maintain a deployable cyber
defense audit toolkit based on industry best practices to support cyber defense audits. Maintain knowledge of
applicable cybersecurity defense policies, regulations, and compliance documents as they pertain to
cybersecurity defense auditing. Coordinate with other cyber defense staff to validate network alerts
• Correlate incident data to identify vulnerabilities. Make recommendations to enable effective remediation of
vulnerabilities.
• Carry out a cybersecurity risk assessment and vulnerability scanning on systems and assets. Prepare
cybersecurity assessment and audit reports that identify technical and procedural findings, and include
recommended remediation strategies and solutions. Perform technical and nontechnical risk and vulnerability
assessments of organizational technology environments.
• Conduct regular monitoring of cybersecurity of MNGHA system implementation and testing practices. Assess
and verify the efficiency of the cybersecurity within the organization including antivirus, firewall, threat
detection and other IT security in place protocols. Proactive and reactively provide solutions to threats,
incidents or damages.
• Use security testing and code scanning tools to conduct code reviews. Conduct or support authorized
penetration testing of infrastructure and assets. Recommend cost-effective security controls to mitigate risks
identified through testing and review.
• Conduct required reviews, including reviews of defensive measures, according to the MNGHA’s policies.
Participate in any cybersecurity related projects/programs.
• Define and document the effectiveness of the implementation of a new system or new interfaces between
systems on the security posture of the existing environment.
• Develop and conduct cybersecurity awareness program and related materials that are appropriate for
intended audiences. Coordinate with other technical departments/staff for IT security related upgrade
including installation, configuration and setting up, as applicable.
• Perform other job related duties.

• Work-stream leads, subordinates
• All internal and external disciplines, government entities
• Expected to use critical-thinking stills to reach objective conclusions
• High paced environment with intense deadlines
• Handling multiple projects simultaneously
• Great deal of details and accuracy
• Perpetual interaction with relevant stakeholders
• Occasional overtime, on call, weekend, and holiday work might be required

Certified in Cybersecurity Governance, Risk and Compliance (GRC) or in any Cybersecurity related field – Preferred

Work Experience | Minimum of 6 years’ IT-related experience in comparable environment, 4 years of which in cybersecurity or similar field or SCDP-Saudi Career Development Training Program – Essential

English Language Level – I – Essential

Cybersecurity, Network Engineering & Security, Information Systems, Computer Science or related