Security Solutions Engineer

Jeddah, Saudi Arabia Posted on 11/01/2025

Sama Wave is a solutions provider based in Jeddah, Saudi Arabia. We specialize in empowering companies' communication capabilities to enhance user experiences and maximize employee satisfaction across all levels within an organization.

Job Summary:

The Cybersecurity Engineer at Sama Wave Solutions
willbe responsible for designing, deploying, and maintaining advanced security solutions for clients across various sectors. The role combines technical expertise, regulatory awareness, and customer-facing skills to deliver reliable and compliant cybersecurityinfrastructures.

The successful candidate will be responsible for safeguarding the organization's digital assets, infrastructure, and customerenvironments against evolving cyber threats. This role involves a combination of hands-on security engineering, architecture design, threat analysis, andpolicy development across on-premises, cloud, and hybrid systems.

The ideal candidate is proactive,detail-oriented, and capable of balancing technical excellence with business requirements-ensuring that security controls enhance, not hinder, productivity and innovation.

Tasks and Responsibilities:

1. Infrastructure & Network Security

• Design,configure, and maintain security controls across LAN/WAN, data centers,and cloud networks.
• Implement and manage firewalls, IPS/IDS, secure VPNs, and segmentation policies.
• Administer and monitor Next-Generation Firewalls (NGFW) such as Fortinet Forti Gate , Cisco ASA/Firepower, Palo Alto Networks
  , or similar.
• Manageand audit network access control (NAC) systems and network visibilitytools.
• Apply Zero Trust principles (ZTNA, micro-segmentation, and continuousauthentication).
• Deployand manage endpoint protection platforms (e.g.,
  Sentinel One, Microsoft Defender for Endpoint, Crowd Strike
  ).
• Maintainserver security baselines for Windows and Linux environments.
• Apply security hardening across Active Directory, DNS, DHCP, mail, and web servers.
• Implement
  
  EDR/XDR solutions, ensuring continuous monitoring and proactiveremediation.
• Collaborate with software teams to ensure applications follow secure coding and OWASPguidelines.

3. Threat Detection & Incident Response

• Monitor
  
  SIEM dashboards and correlate events from multiple sources (firewalls,IDS, endpoints, cloud).
• Conduct initial triage, root cause analysis, and containment of security incidents.
• Lead digital forensics investigations and evidence collection when required.
• Develop and maintain the Incident Response Plan (IRP) and coordinate post-incidentreviews.
• Collaborate with internal IT and third-party SOCs for continuous threat management.

4. Vulnerability Management & Risk Assessment

• Performregular vulnerability scans, penetration tests, and configuration audits.
• Assessand classify vulnerabilities based on risk impact and exposure level.
• Trackand verify remediation progress with respective system owners.
• Prepare executive-level reports summarizing key risks, trends, and recommendedmitigations.
• Ensure compliance with security frameworks (e.g., ISO 27001, NIST SP 800-53, CIS,PCI-DSS).

5. Cloud & Identity Security

• Implementidentity and access management (IAM) solutions across hybrid environments.
• Configure
  
  MFA, SSO, and conditional access policies via Azure AD, Okta, or similar.
• Securecloud workloads (Azure, AWS, or GCP) through encryption, key management,and IAM policies.
• Regularlyaudit access logs, role assignments, and privileged accounts.
• Supportsecure integration between on-prem and cloud applications (VPN,Express Route, SASE).

6. Governance, Risk, & Compliance (GRC)

• Maintain and enforce the organization's cybersecurity policies, standards, and procedures.
• Participate in internal and external security audits, providing evidence and remediation plans.
• Support data privacy compliance under GDPR and local Saudi regulations (e.g., NCA,CITC, SDAIA).
• Document all security controls, changes, and incidents for full traceability.

7. Security Awareness & Training

• Conduct regular training sessions for employees to promote security best practices.
• Developawareness campaigns around phishing, password hygiene, and safe remoteaccess.
• Collaborate with HR and management to integrate security onboarding for new hires.
• Stay informed about emerging threats, exploits, and industry trends.
• Evaluate and recommend new security solutions, automation tools, and managed services.
• Participate in vendor webinars, security communities, and certification programs.
• Contribute to long-term security roadmap planning and budget forecasting.

Qualification (Education/Work Experience) :

Bachelor's degree in Cybersecurity, Information Security, or related field (or equivalent experience).

Hands-on expertise with Fortinet (Forti Gate, Forti Analyzer,Forti Manager), Sophos (XG,Intercept X, Central), and Ciscosecurity solutions (ASA, Firepower, Umbrella, ISE).

Strong understanding of network security, VPN, encryption,IPSec, SSL, and NAC.

Familiarity with SIEM tools (e.g., Forti

SIEM, Splunk, QRadar) and SOC operations.

Experience with cloud…