Emplois en direct

Job Summary:

Maintain a hardened perimeter and secure enterprise email with full operational evidence for audits and transition stability. This role owns day-to-day operations, hygiene, incident response, and change control across network security controls and the email security gateway in Client’s production environment.

In-scope technologies (representative, non-exhaustive)

• Network Security: Next-Gen Firewalls (e.g., Palo Alto / equivalent), site-to-site & remote-access VPN, IPS/Threat Prevention, URL filtering, WildFire/sandboxing (or equivalent), SSL decryption where applicable, HA/failover, logging to SIEM.
• Email Security: Secure Email Gateway (e.g., Proofpoint or equivalent): inbound/outbound policies, anti-phishing/BEC, impersonation protection, URL rewriting/sandboxing, attachment detonation, quarantine workflows, user digests, SPF/DKIM/DMARC posture checks (with Messaging team).

1. Operational Ownership (Network)

• Daily health checks for NGFW clusters, threat/content updates, license/status, HA sync/state.
• Rulebase hygiene: reduce unused/overlapping rules, enforce least privilege, maintain application-based policies, validate security profiles (AV/IPS/URL filtering).
• Remote access posture (e.g., GlobalProtect or equivalent): portal/gateway policies, MFA integration with IAM team, and user experience SLAs.
• Traffic troubleshooting: ACC/log analysis, PCAPs, policy simulation; coordinate fixes with platform owners.

1. Operational Ownership (Email Security)

• Inbound/outbound policy tuning; phishing/BEC controls and executive spoof protection.
• URL and attachment sandboxing effectiveness; manage quarantine queues and approval flows.
• Partner with Messaging team on SPF/DKIM/DMARC alignment; monitor sending reputation and delivery health.
• Provide user-facing guidance (digests, safe release, false positive/negative handling).

1. Incident Response & Threat Handling

• Lead P1 incidents across perimeter/email; coordinate with SOC (SIEM alerts, playbooks).
• Rapid containment (block rules, URL detonation verdicts, sender throttling), evidence capture, and RCA with corrective actions.

1. Change, Patch & Upgrades

• Prepare CAB-ready change plans (impact, test, rollback) for signature/content updates, firmware upgrades, and policy changes.
• Post-change validation and documentation.

1. Compliance & Evidence

• Maintain audit-ready artifacts: change tickets/approvals, policy exports, content update logs, quarantine reports, incident timelines, and monthly posture reviews.
• Familiarity with SAMA & NCA CSF audit and regulations requirements.
• Support internal/external audits with traceable evidence.

1. Documentation & KT

• Own runbooks/SOPs (policy hygiene, incident triage, quarantine workflows, upgrade steps).
• Mentor L1/L2; drive shadow → reverse-shadow.

• 5+ years in enterprise network and email security operations.
• Hands-on with NGFWs (preferably Palo Alto) and a major Secure Email Gateway (e.g., Proofpoint).
• Strong change/incident management discipline; clear written reports in English (Arabic a plus).
• Comfortable with packet analysis, SSL decryption concepts, and mail flow basics with messaging teams.

• Banking/regulated-sector experience.
• Experience integrating controls with SIEM/SOAR.
• Certifications: PCNSE (or equivalent NGFW), vendor SEG certification, ITIL.

Halian Group:

With over 28 years of experience, we have come to understand that innovation is the only way to provide agile, practical solutions that transform businesses and careers.

Our resourcing and smart services help you to realize tomorrow’s potential. Discover the amazing things possible when you bring the right people and the right technologies together.

At Halian, we recognize that diversity, equity, and inclusion (DEI) are essential to building high-performing teams for our clients. We are committed to connecting organizations with top talent from all backgrounds, ensuring that every individual feels valued, respected, and empowered to contribute their unique perspectives. We encourage applications from all qualified candidates, regardless of race, gender, disability, or any other characteristic that makes them unique. By fostering diverse and inclusive workplaces, we help our clients drive innovation, enhance collaboration, and better reflect the communities they serve.