Security Information Engineer – Security Tools

Location: [Saudia Arabia /Riyadh or Remote]

Department: Cybersecurity / Information Security

Reports To: Information Security Manager / Security Engineering Lead

Job Type: Full-Time / Contract / Remote

Job Summary:

We are seeking a highly skilled Security Information Engineer with expertise in security tools engineering, including the design, deployment, and management of firewalls, SIEM platforms, endpoint security, and vulnerability management systems. This role is critical to strengthening our organization's cybersecurity posture through the effective implementation and maintenance of enterprise-grade security solutions across on-prem and cloud environments.

Key Responsibilities:

Security Tools Engineering

• Deploy, configure, and maintain core security tools, including:
• Firewalls (e.g., Palo Alto, Fortinet, Cisco ASA/Firepower, Check Point)
• SIEM solutions (e.g., Microsoft Sentinel, Splunk, QRadar)
• EDR/XDR platforms (e.g., Microsoft Defender for Endpoint, CrowdStrike, SentinelOne)
• Vulnerability Scanners (e.g., Tenable, Qualys, Rapid7)
• SOAR platforms and automation tools
• Cloud-native security tools (e.g., Azure Defender, AWS WAF, Security Hub)
• Manage firewall rule changes, configurations, NAT policies, and access control lists (ACLs), ensuring least-privilege access.
• Monitor performance, health, and security telemetry across all tools and respond to anomalies or failures.

Threat Detection & Response Support

• Fine-tune and maintain detection rules and alerts across SIEM and EDR platforms.
• Integrate logging from firewalls, endpoints, cloud resources, and servers into centralized monitoring platforms.
• Support incident response and forensic investigations by providing data, tool insights, and root cause analysis.
• Work closely with SOC and Threat Intel teams to optimize detection and response capabilities.

Cloud & Hybrid Security Integration

• Ensure consistent monitoring and control across hybrid environments (on-prem, Azure, AWS, etc.).
• Configure cloud firewalls, network security groups, and logging mechanisms in line with organizational policies.

Compliance & Reporting

• Assist in generating reports and dashboards for compliance frameworks (e.g., NIST, ISO 27001, HIPAA, PCI-DSS).
• Maintain documentation for configurations, runbooks, and standard operating procedures (SOPs).

Required Qualifications:

• Bachelor's degree in Cybersecurity, Information Technology, or related field (or equivalent experience).
• 3+ years of experience in security engineering, infrastructure security, or network security roles.
• Hands-on experience managing firewalls (e.g., Palo Alto, Fortinet, Cisco, etc.).
• Strong experience with SIEM, EDR, and vulnerability management tools.
• Familiarity with cloud security controls in Azure, AWS, or GCP.
• Understanding of TCP/IP, routing, VPNs, NAT, ACLs, and network segmentation.
• Scripting knowledge (e.g., PowerShell, Python, Bash) for automation and log parsing.

Preferred Qualifications:

Security certifications such as:

• Palo Alto PCNSA/PCNSE
• Microsoft SC-200 / SC-300
• CompTIA CySA+ / Security+
• GIAC Security Tools Engineer (GSTE)
• Certified Ethical Hacker (CEH)

Experience with:

• Firewall policy audits and automation
• Zero Trust Architecture
• Cloud security posture management (CSPM) tools

Soft Skills:

• Strong problem-solving and troubleshooting skills.
• Excellent verbal and written communication.
• Ability to manage multiple projects and priorities independently.
• Collaborative mindset with cross-functional IT and DevOps teams.

Working Conditions:

• May participate in on-call rotation or incident response after hours.
• Remote work options available (depending on company policy).
• Occasional travel for team collaboration or training (if applicable)

Job Type: Full-time

Pay: Php20, Php40,000.00 per month

Benefits:

• Flextime
• Work from home

Education:

• Bachelor's (required)

Experience:

• Information security: 5 years (preferred)

Work Location: Remote