Senior IT Security Engineer

at  webookcom

Do you want to love what you do at work? Do you want to make a difference, an impact, and transform people’s lives? Do you want to work with a team that believes in disrupting the normal, boring, and average?
If yes, then this is the job you’re looking for ,webook.com is Saudis #1 private event ticketing and experience booking platforms in terms of technology, features, agility, revenue serving some of the largest mega events in the Kingdom surpassing half a billion in sales. webook.com is part of the Supertech Group also consisting of UXBERT Labs, one of the best digital and user experience design agencies in the GCC, along with Kafu Games, the largest esports tournament platform in MENA.

JOB SUMMARY:

The Senior IT Security Engineer will be responsible for designing, implementing, and maintaining the organization’s IT security infrastructure. This role involves protecting systems, networks, and data from security threats, as well as developing security policies and procedures to mitigate risks. The ideal candidate will have extensive experience in cybersecurity, a deep understanding of security protocols, and the ability to lead security initiatives.

QUALIFICATIONS:

• Bachelors degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Proven experience in IT security, with at least [insert number] years in a senior security role.
• Strong knowledge of security frameworks (e.g., NIST, ISO 27001) and security technologies (e.g., firewalls, intrusion detection/prevention systems, SIEM).
• Experience with threat modeling, risk assessment, and incident response.
• Relevant certifications such as CISSP, CISM, CEH, or equivalent are highly desirable.
• Excellent analytical and problem-solving skills, with the ability to work under pressure and manage multiple priorities.

• Design and implement security architectures and solutions that align with industry standards and best practices.
• Evaluate and recommend security technologies and solutions to enhance overall security posture.
• Collaborate with IT teams to integrate security measures into system designs and operations.
• Monitor security events and alerts, conducting thorough investigations of incidents and breaches.
• Develop and implement incident response plans to effectively address and remediate security incidents.
• Perform vulnerability assessments and penetration testing to identify weaknesses and recommend remediation strategies.
• Develop and enforce security policies, procedures, and guidelines in accordance with regulatory requirements and industry standards.
• Ensure compliance with relevant regulations (e.g., GDPR, HIPAA, PCI DSS) and organizational security policies.
• Conduct regular security audits and assessments to evaluate the effectiveness of security controls.
• Identify and assess potential security risks and vulnerabilities across the organizations IT environment.
• Develop risk mitigation strategies and ensure appropriate measures are in place to safeguard sensitive data and systems.
• Conduct regular reviews of security protocols and adjust as necessary based on evolving threats.
• Conduct security awareness training for employees to promote a culture of security within the organization.
• Stay updated on the latest cybersecurity trends, threats, and technologies, and share knowledge with the IT team and organization.
• Work closely with cross-functional teams to ensure security measures are integrated into all projects and operations.
• Prepare and present regular reports on security incidents, vulnerabilities, and the overall security posture of the organization to stakeholders.
• Serve as the primary point of contact for all security-related issues and inquiries.