Enterprise IT Manager - IT Security Projects

Job description / Role

The main purpose of this role is to ensure that installed internal IT applications and infrastructure are designed and implemented to the highest standards thus maintaining and enhancing IT security. The candidate should be able to analyze system services, operating systems, networks and applications from a security perspective and discovering security issues that appear under new threat scenarios.

This position will provide you with a challenging opportunity. You will participate in security audits, risk analysis, vulnerability testing and security reviews on many elements in a mobile operator environment.

The IT Manager will be accountable to audit, monitor and manage physical and remote access through monitor, audit and report control of the physical security of all technology sites and apply a regular audit on employees, managed service and 3rd party vendors accounts and access to the network / IT elements and report on all items that are non-compliant with security and administration process.

- Accountable to audit, monitor and manage physical and remote access through monitoring, and report control of the physical security of all technology sites.
- Perform a regular audit on employees, managed service and third party vendors accounts and access to the network / IT elements and report on all items that are non-compliant with security and administration process.
- Auditing internal IT protocols, systems, interfaces, access procedures as well as security permissions to IT infrastructure and sensitive information.
- Identify security issues and risks, and develop mitigation plans
- Architect, design, implement, support, and evaluate security-focused tools and services including project leadership roles
- Develop and interpret security policies and procedures
- Mentor junior members of the team
- Participate in security compliance efforts
- Develop and deliver training materials and perform general security awareness and specific security technology training
- Acquisition and vendor risk assessment due diligence
- Evaluate and recommend new and emerging security products and technologies
- Participate in tier 2 and tier 3 security operations support
- Participate in incident handling
- Participate in projects that develop new intellectual property
- Evangelize security within Company and be an advocate for customer trust

Requirements

- Experience and expertise with ethical hacking, firewall and intrusion detection/prevention technologies, secure coding practices and threat modeling
- Must have solid working experience and knowledge of Windows and Unix/Linux operating systems
- Experience in designing secure network architectures, virtualization technologies, MySQL/MSSQL database platforms, identity and access management principles, application security, encryption technologies, DNS, SOA and web applications
- Experience with DotDefender, TippingPoint, Sophos and PCI compliance a plus
- Strong process and procedure ownership experience for system audits
- 10+ years of experience in network, server or application security positions
- Hands on experience in IT governance
- Experience with service-oriented architecture and web services security desired
- Experience with the application of threat modelling or other risk identification techniques
- Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits
- Excellent written and verbal communication skills
- Excellent leadership skills and teamwork skills
- Results oriented, high energy, self-motivated
- Excellent communication skills
- Superior written and oral communication and listening skills
- Ability to demonstrate leadership and control complex projects
- Strong interpersonal and engagement management skills
- High level of professionalism, integrity and commitment to quality
- Ability to effectively prioritize and execute tasks in a high-pressure environment
- Previous experience in delivery of large scale IT security and audit projects
- Recognized IT certification.
- ITIL/BCS IT Governance/ ISACA - Or similar

About the Company

Saudi Networkers Services, incorporated in 2001 with an aim to provide the world class business and consulting services through a combination of market insight, technical excellence and unrivalled agile methodology.

Our success stems from building strong relationships and trusted partners, which enabled us delivering exceptional services to public sector, as well as some world's leading organizations, in Telecommunication, Information Technology, Cyber Security, Banking, Energy, Utilities and various other industry arenas.

We collaborate closely, ideate that how the work gets done, while working alongside businesses to collaborate on growth and applying breakthrough innovations, that drive exponential impact, managed by teams specialized in their assigned industry sectors.