Cyber Security Engineer📣 إعلان

About the Role

Muvi Cinemas is seeking a skilled and proactive Cybersecurity Engineer to join its IT Department in Riyadh. This full-time position is responsible for protecting the organization's networks, systems, applications, and data from cyber threats. The role reports to the Director of TechOps and plays a critical part in safeguarding digital assets, customer data, point-of-sale systems, and entertainment technology platforms, ensuring compliance with Saudi National Cybersecurity Authority (NCA) regulations and international security standards.

Security Infrastructure and Architecture

The Cybersecurity Engineer will design, implement, and manage cybersecurity infrastructure, including firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM, endpoint protection, and network security solutions. This includes developing and maintaining a security architecture aligned with business requirements and industry best practices, deploying security tools across on-premises, cloud, and hybrid environments, and implementing strategies such as network segmentation and zero-trust architecture. Evaluation and recommendation of new security technologies are also key responsibilities.

Vulnerability Management and Incident Response

This role involves conducting regular vulnerability assessments and penetration testing, identifying, classifying, and prioritizing security vulnerabilities, and developing remediation plans. The engineer will also perform security code reviews, manage vulnerability scanning tools, and conduct red team/blue team exercises. Responsibilities extend to monitoring security events, leading incident response activities (identification, containment, eradication, recovery), developing incident response plans, and conducting forensic investigations.

Data Protection, Network, and Cloud Security

Key duties include implementing data protection controls to safeguard customer and business data, ensuring compliance with PCI DSS and Saudi Personal Data Protection Law (PDPL), and supporting data classification and loss prevention strategies. The engineer will manage network security devices, implement endpoint detection and response (EDR) solutions, secure wireless networks and IoT devices, and manage access control systems. Cloud security responsibilities involve implementing and managing security controls for cloud environments (AWS, Azure, GCP, or similar) and conducting cloud security assessments.

Compliance and Security Awareness

Ensuring compliance with Saudi National Cybersecurity Authority (NCA) regulations, Essential Cybersecurity Controls (ECC), and other applicable standards like ISO 27001 and NIST is crucial. This includes preparing documentation for security audits and conducting security risk assessments. Additionally, the role involves developing and delivering cybersecurity awareness training programs for employees and conducting phishing simulations to enhance organizational security awareness.

Qualifications and Experience

Candidates should possess a Bachelor's degree in Cybersecurity, Computer Science, Information Technology, Network Engineering, or a related field. A minimum of 3-5 years of experience in cybersecurity engineering, security operations, or information security roles is required. Fluency in English is mandatory, with proficiency in Arabic being preferred. Professional cybersecurity certifications are essential, including CEH, CompTIA Security+, CCNA Security, OSCP, or GIAC. Advanced certifications such as CISSP, CISM, or CCSP are advantageous. Strong hands-on experience with security tools, cloud security, PCI DSS compliance, and Saudi NCA ECC is expected.