Security Solutions Engineer

Jeddah, Saudi Arabia Posted on 11/01/2025

Sama Wave is a solutions provider based in Jeddah, Saudi Arabia. We specialize in empowering companies' communication capabilities to enhance user experiences and maximize employee satisfaction across all levels within an organization.

Job Summary:

The Cybersecurity Engineer at Sama Wave Solutions
willbe responsible for designing, deploying, and maintaining advanced security solutions for clients across various sectors. The role combines technical expertise, regulatory awareness, and customer-facing skills to deliver reliable and compliant cybersecurityinfrastructures.

The successful candidate will be responsible for safeguarding the organization's digital assets, infrastructure, and customer environments against evolving cyber threats. This role involves a combination of hands-on security engineering, architecture design, threat analysis, andpolicy development across on-premises, cloud, and hybrid systems.

The ideal candidate is proactive,detail-oriented, and capable of balancing technical excellence with business requirements-ensuring that security controls enhance, not hinder, productivity and innovation.

Tasks and Responsibilities:

1. Infrastructure & Network Security

• Design,configure, and maintain security controls across LAN/WAN, data centers,and cloud networks.
• Implement and manage firewalls, IPS/IDS, secure VPNs, and segmentation policies.
• Administer and monitor Next-Generation Firewalls (NGFW) such as Fortinet Forti Gate , Cisco ASA/Firepower, Palo Alto Networks
  , or similar.
• Manageand audit network access control (NAC) systems and network visibility tools.
• Apply Zero Trust principles (ZTNA, micro-segmentation, and continuous authentication).
• Deployand manage endpoint protection platforms (e.g.,
  Sentinel One, Microsoft Defender for Endpoint, Crowd Strike
  ).
• Maintain server security baselines for Windows and Linux environments.
• Apply security hardening across Active Directory, DNS, DHCP, mail, and web servers.
• Implement
  
  EDR/XDR solutions, ensuring continuous monitoring and proactive remediation.
• Collaborate with software teams to ensure applications follow secure coding and OWASPguidelines.

3. Threat Detection & Incident Response

• Monitor
  
  SIEM dashboards and correlate events from multiple sources (firewalls,IDS, endpoints, cloud).
• Conduct initial triage, root cause analysis, and containment of security incidents.
• Lead digital forensics investigations and evidence collection when required.
• Develop and maintain the Incident Response Plan (IRP) and coordinate post-incident reviews.
• Collaborate with internal IT and third-party SOCs for continuous threat management.

4. Vulnerability Management & Risk Assessment

• Perform regular vulnerability scans, penetration tests, and configuration audits.
• Assessand classify vulnerabilities based on risk impact and exposure level.
• Trackand verify remediation progress with respective system owners.
• Prepare executive-level reports summarizing key risks, trends, and recommendedmitigations.
• Ensure compliance with security frameworks (e.g., ISO 27001, NIST SP 800-53, CIS,PCI-DSS).

5. Cloud & Identity Security

• Implement identity and access management (IAM) solutions across hybrid environments.
• Configure
  
  MFA, SSO, and conditional access policies via Azure AD, Okta, or similar.
• Securecloud workloads (Azure, AWS, or GCP) through encryption, key management,and IAM policies.
• Regularly audit access logs, role assignments, and privileged accounts.
• Support secure integration between on-prem and cloud applications (VPN,Express Route, SASE).

6. Governance, Risk, & Compliance (GRC)

• Maintain and enforce the organization's cybersecurity policies, standards, and procedures.
• Participate in internal and external security audits, providing evidence and remediation plans.
• Support data privacy compliance under GDPR and local Saudi regulations (e.g., NCA,CITC, SDAIA).
• Document all security controls, changes, and incidents for full traceability.

7. Security Awareness & Training

• Conduct regular training sessions for employees to promote security best practices.
• Develop awareness campaigns around phishing, password hygiene, and safe remote access.
• Collaborate with HR and management to integrate security onboarding for new hires.
• Stayinformed about emerging threats, exploits, and industry trends.
• Evaluate and recommend new security solutions, automation tools, and managedservices.
• Participate in vendor webinars, security communities, and certification programs.
• Contribute to long-term security roadmap planning and budget forecasting.

Qualification (Education/Work Experience) :

Bachelor's degree in Cybersecurity, Information Security, or related field (or equivalent experience).

Hands-on expertise with Fortinet (Forti Gate, Forti Analyzer,Forti Manager), Sophos (XG,Intercept X, Central), and Ciscosecurity solutions (ASA, Firepower, Umbrella, ISE).

Strong understanding of network security, VPN, encryption,IPSec, SSL, and NAC.

Familiarity with SIEM tools (e.g., Forti

SIEM, Splunk, QRadar) and SOC operations.

Experience with cloud…