Network Security - L3📣 Job Ad

About the Role

Sirar by stc, an advanced technology and cybersecurity company established by stc, is seeking a highly skilled Network Security - L3 professional to join their team in Riyadh, Saudi Arabia. This full-time role is critical in providing expert-level support and ensuring the robust security of our clients' network systems, empowering organizations to take control of their cyber capabilities and digital environments with comprehensive solutions for safe, secure, and efficient online operations.

Key Responsibilities

• Serve as a subject matter expert in IT Network system security, providing Level 3 support and handling escalations.
• Offer advisory and support functions to front office and back office teams.
• Configure, administer, and optimize firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, and other security appliances.
• Implement and manage access control lists (ACLs) to ensure authorized access to network resources.
• Develop and enforce network security policies and protocols.
• Set up system and network logging and monitoring systems to track security events and incidents.
• Troubleshoot and resolve security-related incidents and issues, including outside regular working hours.
• Address and resolve escalated issues from L1 and L2 support teams, ensuring timely responses and minimal disruptions.
• Participate in system updates and upgrades to maintain functionality and security.
• Analyze incoming requests for potential risks, providing insights to guide decision-making.
• Analyze identified malicious activity to determine exploited weaknesses, exploitation methods, and system/information effects.
• Conduct regular security reviews and risk assessments.
• Proactively update and upgrade systems to maintain optimal performance and security standards.
• Implement all system changes in strict adherence to change management processes.
• Oversee the seamless handover of new systems and services, ensuring comprehensive understanding and continuity.
• Facilitate knowledge transfer sessions for L1 and L2 teams to foster skill development and operational efficiency.
• Support monitoring and operational activities related to telecom signaling security technologies, including SS7, Diameter, and GTP/GTP-C, within mission-critical environments.
• Ensure the secure operation and availability of telecom security infrastructure protecting critical services in 24x7 mission-critical environments.
• Assist in identifying, analyzing, troubleshooting, and escalating telecom-related security incidents, signaling anomalies, suspicious traffic behavior, and service-impacting events.
• Support troubleshooting activities involving SS7, Diameter, and GTP signaling flows, connectivity issues, roaming-related concerns, and service degradation scenarios.
• Collaborate with Core, Network, Security, Vendor, and Operations teams to resolve complex telecom security and signaling-related issues.
• Coordinate with telecom vendors and third-party support teams for fault isolation, root cause analysis, and restoration of mission-critical telecom services.
• Assist in identifying telecom security vulnerabilities, protocol weaknesses, and misconfigurations, and support mitigation measures.
• Conduct periodic health checks and preventive maintenance reviews for telecom security systems.
• Participate in disaster recovery exercises and failover testing for telecom security systems.
• Document and execute system changes as directed, coordinating with appropriate teams to minimize disruption.
• Facilitate the handover of new systems and services, ensuring smooth transitions and knowledge transfer.
• Assist in providing knowledge transfer sessions to L1 teams.
• Conduct regular health checks to monitor system availability and security status.
• Assist in identifying system vulnerabilities and support mitigation efforts.
• Help identify unused features within the system to enhance efficiency.
• Monitor system performance and report on any issues requiring attention.
• Participate in regular system clean-up activities.
• Assist in disaster recovery drills.
• Collaborate with network engineers, system administrators, and security professionals to resolve complex technical issues.
• Coordinate and communicate issues requiring escalation to different teams and initiate follow-up procedures.
• Analyze and review fault reports to identify root causes and generate incident reports.
• Open and manage tickets with vendors to identify and resolve root causes of network issues.
• Collaborate with vendor support teams to ensure timely and effective resolution of faults.
• Track and monitor vendor performance, maintaining records of ticket statuses and following up with vendors.
• Keep detailed records of all communications with vendors.
• Implement and maintain network security infrastructure, ensuring stability and availability on a 24/7 basis.
• Document lessons learned that convey the results of events and/or exercises.
• Facilitate the sharing of "best practices" and "recommendations" throughout cyber operations with customers.
• Contribute to the overall success of the company by performing all other duties and responsibilities as assigned by the line manager.

Qualifications and Requirements

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related discipline.
• 6-10 years of relevant experience.
• Proven experience in network security operations, preferably in a telecom environment.
• Strong understanding of next-generation firewalls (*, FortiGate, Palo Alto, Cisco-FTDs), IPS, NAC, VPNs (IPSEC, Dial-up, SSL etc), and NAT.
• Advanced knowledge in IT security infrastructure.
• Intermediate knowledge in the 6 phases of Incident Response.
• Intermediate proficiency in an IT operational environment as a security system administrator.
• Intermediate knowledge of a variety of operating systems, with good systems administration experience.
• In-depth knowledge of security protocols and principles.
• Proficiency in networking technologies, network security, and network monitoring solutions.
• Advanced troubleshooting and diagnostic skills to efficiently resolve complex issues.
• In-depth understanding of TCP/IP, network protocols, packet capture, WireShark, and tcpdump.
• Must understand security and incident response best practices.
• Hands-on or operational exposure to SS7, Diameter, GTP/GTP-C protocols, signaling security concepts, and telecom environments.
• Understanding of telecom security platforms, signaling traffic behavior, and telecom service continuity requirements.
• Experience in mission-critical operational environments, incident handling, troubleshooting, and change management processes.
• Familiarity with telecom security threats, signaling vulnerabilities, roaming-related risks, and service assurance concepts is preferred.

Required Skills

• Network system security
• IT System security
• Firewalls
• Intrusion Detection/Prevention Systems (IDS/IPS)
• VPNs
• Access Control Lists (ACLs)
• Network security policies
• System and Network Logging
• TCP/IP
• DNS
• HTTP/S
• SSL/TLS
• Cisco ASA/FTD
• Palo Alto
• Fortinet
• Juniper
• SIEM tools
• Splunk
• QRadar
• Encryption algorithms
• Security Information and Event Management (SIEM)
• Incident Response
• Operating systems
• Communication
• Security protocols
• Networking technologies
• Network security
• Network monitoring solutions
• Troubleshooting
• Diagnostic skills
• Network protocols
• Packet capture
• WireShark
• tcpdump
• Problem-solving skills
• Communication skills
• Security and incident response best practices
• Teamwork
• SS7
• Diameter
• GTP/GTP-C
• Telecom signaling security
• Telecom environments
• Telecom security platforms
• Signaling traffic behavior
• Telecom service continuity
• Mission critical operational environments
• Incident handling
• Change management processes
• Telecom security threats
• Signaling vulnerabilities
• Roaming related risks
• Service assurance concepts
• Next-generation firewalls
• FortiGate
• Cisco-FTDs
• IPS
• NAC
• IPSEC
• Dial-up VPNs
• SSL VPNs
• NAT
• IT security infrastructure
• System administration
• Advanced proficiency in communicating effectively with a range of security professionals and to simplify complex technical issues.

Work Environment and Experience

This is a full-time position based in Riyadh, Saudi Arabia. The role requires 5-10 years of experience in network security operations, with a strong preference for experience within a telecom environment. Professional certificates such as Cisco-CCIE(Sec), Juniper-JNCIE(Sec), Fortinet-NSE7, PaloAlto-PCNSE, CompTIA Security+, or CISM are considered preferred.