Senior Network & Email Security Engineer (5+ years) — Saudi National - CBT | Career Page

CBT

Senior Network & Email Security Engineer (5+ years) — Saudi National

Riyadh, Saudi Arabia

Apply for Position Or refer someone

Job Openings Senior Network & Email Security Engineer (5+ years) — Saudi National

About the job Senior Network & Email Security Engineer (5+ years) — Saudi National

Job Title

Senior Network & Email Security Engineer (5+ years) — Saudi National

Job Summary:

Maintain a hardened perimeter and secure enterprise email with full operational

evidence for audits and transition stability. This role owns day-to-day operations,

hygiene, incident response, and change control across network security controls and

the email security gateway in Client’s production environment.

In-scope technologies (representative, non-exhaustive)

 Network Security: Next-Gen Firewalls (e.g., Palo Alto / equivalent), site-to-site &

remote-access VPN, IPS/Threat Prevention, URL filtering, WildFire/sandboxing

(or equivalent), SSL decryption where applicable, HA/failover, logging to SIEM.

 Email Security: Secure Email Gateway (e.g., Proofpoint or equivalent):

inbound/outbound policies, anti-phishing/BEC, impersonation protection, URL

rewriting/sandboxing, attachment detonation, quarantine workflows, user digests,

SPF/DKIM/DMARC posture checks (with Messaging team).

Responsibilities

1. Operational Ownership (Network)

 Daily health checks for NGFW clusters, threat/content updates, license/status,

HA sync/state.

 Rulebase hygiene: reduce unused/overlapping rules, enforce least privilege,

maintain application-based policies, validate security profiles (AV/IPS/URL

filtering).

 Remote access posture (e.g., GlobalProtect or equivalent): portal/gateway

policies, MFA integration with IAM team, and user experience SLAs.

 Traffic troubleshooting: ACC/log analysis, PCAPs, policy simulation; coordinate

fixes with platform owners.

2. Operational Ownership (Email Security)

 Inbound/outbound policy tuning; phishing/BEC controls and executive spoof

protection.

 URL and attachment sandboxing effectiveness; manage quarantine queues and

approval flows.

 Partner with Messaging team on SPF/DKIM/DMARC alignment; monitor sending

reputation and delivery health.

 Provide user-facing guidance (digests, safe release, false positive/negative

handling).

3. Incident Response & Threat Handling

 Lead P1 incidents across perimeter/email; coordinate with SOC (SIEM alerts,

playbooks).

 Rapid containment (block rules, URL detonation verdicts, sender throttling),

evidence capture, and RCA with corrective actions.

4. Change, Patch & Upgrades

 Prepare CAB-ready change plans (impact, test, rollback) for signature/content

updates, firmware upgrades, and policy changes.

 Post-change validation and documentation.

5. Compliance & Evidence

 Maintain audit-ready artifacts: change tickets/approvals, policy exports, content

update logs, quarantine reports, incident timelines, and monthly posture reviews.

 Familiarity with SAMA & NCA CSF audit and regulations requirements.

 Support internal/external audits with traceable evidence.

6. Documentation & KT

 Own runbooks/SOPs (policy hygiene, incident triage, quarantine workflows,

upgrade steps).

 Mentor L1/L2; drive shadow → reverse-shadow.

Required Qualifications

 Saudi National; 5+ years in enterprise network and email security operations.

 Hands-on with NGFWs (preferably Palo Alto) and a major Secure Email

Gateway (e.g., Proofpoint).

 Strong change/incident management discipline; clear written reports in English

(Arabic a plus).

 Comfortable with packet analysis, SSL decryption concepts, and mail flow basics

with messaging teams.

Preferred

 Banking/regulated-sector experience.

 Experience integrating controls with SIEM/SOAR.

 Certifications: PCNSE (or equivalent NGFW), vendor SEG certification, ITIL.

Success KPIs (first 90–180 days)

 NGFW: rulebase cleanup achieved (unused/overlap ↓), security profiles applied

to 100% Internet-bound policies; HA stability with zero unscheduled failovers.

 VPN: user connectivity SLA met; MFA posture validated; incident MTTR ≤ agreed

SLA.

 Email: measurable drop in false negatives for phishing/BEC; quarantine SLA

adherence; monthly evidence packs accepted in internal pre-audit.

Location & Model

 On-site at Client’s Premises (Riyadh), Sun–Thu; on-call for P1s/changes.

Apply for Position
Or refer someone

Share

• Facebook
• Line
• [ LinkedIn](https://www.linkedin.com/shareArticle?mini=true&url=https://www.careers-page.com/cbt-12/job/W3674989&title=Senior Network & Email Security Engineer (5+ years) — Saudi National)
• X (Formerly Twitter)
• Whatsapp
• [ Email](https://www.careers-page.com/cbt-12mailto://?&subject=Job: Senior%20Network%20%26%20Email%20Security%20Engineer%20%285%2B%20years%29%20%E2%80%94%20Saudi%20National&body=Hi there,%0D%0A %0D%0A I would like to share with you this job:%0D%0A %0D%0A https://www.careers-page.com/cbt-12/job/W3674989%0D%0A %0D%0A Best regards%0D%0A)

Powered by Manatal