The security Engineer at SamaWave Solutions will be responsible for designing, deploying, and maintaining advanced security solutions for clients across various sectors. The role combines technical expertise, regulatory awareness, and customer-facing skills to deliver reliable and compliant cybersecurity infrastructures.The successful candidate will be responsible for safeguarding the organization’s digital assets, infrastructure, and customer environments against evolving cyber threats. This role involves a combination of hands-on security engineering, architecture design, threat analysis, and policy development across on-premises, cloud, and hybrid systems. The ideal candidate is proactive, detail-oriented, and capable of balancing technical excellence with business requirements—ensuring that security controls enhance, not hinder, productivity and innovation. Tasks and Responsibilities: 1. Infrastructure & Network SecurityDesign, configure, and maintain security controls across LAN/WAN, data centers, and cloud networks.Implement and manage firewalls, IPS/IDS, secure VPNs, and segmentation policies.Administer and monitor Next-Generation Firewalls (NGFW) such as Fortinet FortiGate, Cisco ASA/Firepower, Palo Alto Networks, or similar.Manage and audit network access control (NAC) systems and network visibility tools.Apply Zero Trust principles (ZTNA, micro-segmentation, and continuous authentication).2. Endpoint, Server & Application SecurityDeploy and manage endpoint protection platforms (e.g., SentinelOne, Microsoft Defender for Endpoint, CrowdStrike).Maintain server security baselines for Windows and Linux environments.Apply security hardening across Active Directory, DNS, DHCP, mail, and web servers.Implement EDR/XDR solutions, ensuring continuous monitoring and proactive remediation.Collaborate with software teams to ensure applications follow secure coding and OWASP guidelines. 3. Cloud & Identity SecurityImplement identity and access management (IAM) solutions across hybrid environments.Configure MFA, SSO, and conditional access policies via Azure AD, Okta, or similar.Secure cloud workloads (Azure, AWS, or GCP) through encryption, key management, and IAM policies.Regularly audit access logs, role assignments, and privileged accounts.Support secure integration between on-prem and cloud applications (VPN, ExpressRoute, SASE).4. Security Awareness & TrainingConduct regular training sessions for employees to promote security best practices.Develop awareness campaigns around phishing, password hygiene, and safe remote access.Collaborate with HR and management to integrate security onboarding for new hires.5. Research, Development & Continuous ImprovementStay informed about emerging threats, exploits, and industry trends.Evaluate and recommend new security solutions, automation tools, and managed services.Participate in vendor webinars, security communities, and certification programs.Contribute to long-term security roadmap planning and budget forecasting.RequirementsQualification (Education/Work Experience) : · Bachelor’s degree in Cybersecurity, Information Security, or related field (or equivalent experience). · Hands-on expertise with Fortinet (FortiGate, FortiAnalyzer, FortiManager), Sophos (XG,Intercept X, Central), and Cisco security solutions (ASA, Firepower, Umbrella, ISE).· Strong understanding of network security, VPN, encryption, IPSec, SSL, and NAC.· Experience with cloud security (Azure/AWS/GCP) is a plus.· Knowledge of Saudi cybersecurity regulatory frameworks: NCA ECC, SAMA Cybersecurity Framework.· Preferred certifications: Fortinet NSE 4–7, Sophos Certified Engineer, Cisco CCNP Security, Having the below is a plus:- Familiarity with SIEM tools (e.g., FortiSIEM, Splunk, QRadar) and SOC operations.- CEH, CISSP, or Security+ Certificates
