Red Team Cyber Security Analyst
3 weeks ago
Aramco occupies a unique position in the global energy industry. We are the world's largest producer of hydrocarbons (oil and gas), with the lowest upstream carbon intensity of any major producer.
With our significant investment in technology and infrastructure, we strive to maximize the value of the energy we produce for the world along with a commitment to enhance Aramco's value to society.
Headquartered in the Kingdom of Saudi Arabia, and with offices around the world, we combine market discipline with a generations' spanning view of the future, born of our nine decades experience as responsible stewards of the Kingdom's vast hydrocarbon resources. This responsibility has driven us to deliver significant societal and economic benefits to not just the Kingdom, but also to a vast number of communities, economies, and countries that rely on the vital and reliable energy that we supply.
We are one of the most profitable companies in the world, as well as amongst the top five global companies by market capitalization.
Overview
We are seeking a Senior Red Team Expert to join the Information Security Compliance Division (ISCD) of Information Security Department (ISD).
The ISCD is responsible for ensuring compliance with the enterprise's information security policies & standards, regulatory requirements & contractual requirements for all entities, technical platforms and cybersecurity domains.
The Administrator is primarily responsible for ensuring the development and execution of the global cybersecurity compliance framework and process to ensure that required cybersecurity controls are implemented. The Administrator is also responsible for ensuring the development and execution of Red Team framework, process, and protocol to provide assurance on cybersecurity identification, protection, detection & response capabilities, and to verify readiness and effectiveness of implemented cybersecurity controls on people, process and technologies. This role monitors & reports on status of non-compliance to related enterprise's Cybersecurity governing documents, national cybersecurity regulations and Red Team Findings.
The Cybersecurity Specialist primary role is to conduct a comprehensive security assessment, including penetration testing, vulnerability assessments, social engineering, and simulating real-world attacks to evaluate the effectiveness of our organization's security measures.
Duties & Responsibilities
- Perform comprehensive security assessments, including penetration testing, vulnerability assessments, and social engineering, to identify potential vulnerabilities in company's infrastructure, systems, and applications.
- Develop and execute detailed red teaming strategies tailored to the specific challenges and risks faced by the oil and gas industry, testing the effectiveness of our security controls in protecting critical assets.
- Collaborate with cross-functional teams, including operations, IT, and engineering, to identify and prioritize critical assets, systems, and applications for testing, with a focus on protecting operational technology (OT) environments.
- Provide guidance and mentorship to junior team members, offering technical expertise and promoting professional growth in the context of oil and gas cybersecurity.
- Generate detailed reports outlining findings, recommendations, and remediation strategies to improve the overall security posture of our oil and gas infrastructure.
- Stay up-to-date with the latest hacking techniques, threat landscape, and industry best practices specific to the oil and gas sector, anticipating and mitigating emerging cybersecurity risks.
- Work closely with stakeholders in the oil and gas company to communicate findings, explain technical concepts, and provide actionable recommendations for risk mitigation, considering the operational and business impact.
- Contribute to the development and enhancement of oil and gas industry-specific red team methodologies, tools, and frameworks to improve testing efficiency and effectiveness.
- Develop and maintain red team infrastructure - Conduct threat intelligence analysis - Participate in purple team exercises - Develop and deliver training on red teaming and offensive security
- Work independently and as part of a team, and be able to communicate effectively with both technical and non-technical audiences.
Minimum Requirements
- A Bachelors degree in Cybersecurity, Computer Science or equivalate degree from a recognized and approved program. An advanced degree in addition to CISSP and CISM certificates are preferred.
- Minimum 10 years of experience in Cybersecurity including knowledge in cybersecurity red teaming.
- You must have strong experience in conducting red team assessments, penetration testing, and vulnerability assessments.
- Proven track record of successfully identifying vulnerabilities and weaknesses in critical infrastructure, SCADA systems, and industrial control systems (ICS) is a requirement.
- Experience with network and application security testing in operational technology (OT) environment is a requirement.
- Familiarity with relevant cybersecurity standards and frameworks specific to the oil and gas industry, such as ISA/IEC 62443, NIST SP 800-82, and API RP 1164 is preferred.
- Experience leading and conducting red team engagements - Experience developing and executing complex attack scenarios - Experience using a variety of offensive security tools and techniques - Experience evading detection and responding to incidents is a requirement.
- You must have deep understanding of oil and gas industry processes, equipment, and technologies, including SCADA, DCS, RTUs, and PLCs.
- Using specialized tools and protocols relevant to oil and gas cybersecurity, such as Wireshark, Modbus, DNP3, and OPC is preferred.
- You must have strong knowledge of scripting languages (e.g., Python, PowerShell) for automation and tool development.
- Excellent problem-solving and analytical skills, with the ability to think creatively and strategically to address oil and gas security challenges is also necessary.
- Effective communication skills, both verbal and written, to convey complex technical concepts to non-technical stakeholders is a requirement.
- Strong project management skills, with the ability to prioritize tasks and meet deadlines in a dynamic environment is also a requirement.
- You must have experience with the MITRE ATT&CK framework - Experience with cloud security Experience with web application security - Experience with exploit development - Experience with reverse engineering
Working environment
Our high-performing employees are drawn by the challenging and rewarding professional, technical and industrial opportunities we offer, and are remunerated accordingly.
At Aramco, our people work on truly world-scale projects, supported by investment in capital and technology that is second to none. And because, as a global energy company, we are faced with addressing some of the world's biggest technical, logistical and environmental challenges, we invest heavily in talent development.
We have a proud history of educating and training our workforce over many decades. Employees at all levels are encouraged to improve their sector-specific knowledge and competencies through our workforce development programs - one of the largest in the world.
Country/Region: SA
-
Cyber Security Analyst
4 weeks ago
Dhahran, Saudi Arabia Wipro Limited Full timeAl Jubail, Saudi Arabia - Tech Hiring - 3068601 **Job Description**: **_Role Purpose_** - The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information_ **_Do_** - **_Ensuring customer centricity by providing apt cybersecurity...
-
Cyber Security Analyst
3 weeks ago
Dhahran, Saudi Arabia Wipro Limited Full timeOverview: **_ Role Purpose_** - The purpose of this role is to analyse, identify, rectify &recommend specific improvement measures that help in the securityposture of the organization by protecting the sensitive information_ **_ Do_** - **_ Ensuring customer centricity by providing aptcybersecurity _** - _Monitoring and safeguarding the log sources and...
-
Cyber Security Specialist
3 weeks ago
Dhahran, Saudi Arabia MatchaTalent Full timeThis role required candidate to permanently relocate at Dhahran Saudi Arabia. About the Company This company engages in the exploration production transportation and sale of crude oil and natural gas. It operates through the following segments: Upstream Downstream and Corporate. The Upstream segment includes crude oil natural gas and natural gas liquids...
-
Cyber Security Specialist
3 weeks ago
Dhahran Al Janub, Saudi Arabia MatchaTalent Full timeThis role required candidate to permanentlyrelocate at Dhahran Saudi Arabia.About the Company This company engages in the exploration productiontransportation and sale of crude oil and natural gas. It operatesthrough the following segments: Upstream Downstream and Corporate.The Upstream segment includes crude oil natural gas and natural gasliquids...
-
Cyber Security Analyst
4 weeks ago
Dhahran, Saudi Arabia Talent Pal Full timeAl Jubail, Saudi Arabia - Tech Hiring - 3068601 **Job Description**: **_Role Purpose_** - The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information_ **_ Do_** - **_Ensuring customer centricity by providing apt...
-
Dhahran, Saudi Arabia MatchaTalent Full timeThis role required candidate to permanently relocate at Dhahran Saudi Arabia. About the Company This company engages in the exploration production transportation and sale of crude oil and natural gas. It operates through the following segments: Upstream Downstream and Corporate. The Upstream segment includes crude oil natural gas and natural gas liquids...
-
Lead Operating System Analyst
3 weeks ago
Dhahran, Saudi Arabia MatchaTalent Full timeThis role required candidate to permanently relocate at Dhahran Saudi Arabia. About the Company This company engages in the exploration production transportation and sale of crude oil and natural gas. It operates through the following segments: Upstream Downstream and Corporate. The Upstream segment includes crude oil natural gas and natural gas liquids...
-
Global Oil Gas Senior Cyber Security Specialist
3 weeks ago
Dhahran, Saudi Arabia MatchaTalent Full timeThis role required candidate to permanently relocate at Dhahran Saudi Arabia. About the Company This company engages in the exploration production transportation and sale of crude oil and natural gas. It operates through the following segments: Upstream Downstream and Corporate. The Upstream segment includes crude oil natural gas and natural gas liquids...
-
Cyber Security Architect
4 weeks ago
Dhahran, Saudi Arabia Wipro Limited Full timeAl Jubail, Saudi Arabia - Tech Hiring - 3065142 **_Role Purpose_** - Designing and implementing new network solutions and/or improving the efficiency of current networks as per business requirements_ - Managing NGFWs that includes Palo alto, CISCO, Fortigate, ISE/ASA and other Security Components_ - enforce security policies and procedures to mitigate risks...
-
Global Oil Gas Senior Cyber Security Specialist
4 weeks ago
Dhahran Al Janub, Saudi Arabia MatchaTalent Full timeThis role required candidate to permanentlyrelocate at Dhahran Saudi Arabia.About the Company This company engages in the exploration productiontransportation and sale of crude oil and natural gas. It operatesthrough the following segments: Upstream Downstream and Corporate.The Upstream segment includes crude oil natural gas and natural gasliquids...
-
Cyber Security Specialist
7 days ago
Dhahran, Saudi Arabia Playdawn Full time**Sada Thalate Gulf (STG)** is working with leading petrochemical companies and other excellent partners, we pursue our mission of providing a stable supply of high-quality services to customers by honing the competitiveness of our equity interests while giving due consideration and contributing to environmental protection and community development, and at...
-
Dhahran Al Janub, Saudi Arabia MatchaTalent Full timeThis role required candidate to permanently relocateat Dhahran Saudi Arabia.About the Company This company engages in the exploration productiontransportation and sale of crude oil and natural gas. It operatesthrough the following segments: Upstream Downstream and Corporate.The Upstream segment includes crude oil natural gas and natural gasliquids...
-
Lead Operating System Analyst
4 weeks ago
Dhahran Al Janub, Saudi Arabia MatchaTalent Full timeThis role required candidate to permanently relocateat Dhahran Saudi Arabia.About the Company This company engages in the exploration productiontransportation and sale of crude oil and natural gas. It operatesthrough the following segments: Upstream Downstream and Corporate.The Upstream segment includes crude oil natural gas and natural gasliquids...
-
Ot Security Engineer
23 hours ago
Dhahran, Saudi Arabia Wipro Limited Full timeAl Jubail, Saudi Arabia - Tech Hiring - 3072384 **_Role Purpose_** - The purpose of this role is to design the organisation’s computer and network security infrastructure and protect its systems and sensitive information from cyber threats._ **_ Do_** - **_ Design and develop enterprise cyber security strategy and architecture_** - _ Understand security...
-
Security Operations Center Manager SOC
3 weeks ago
Dhahran, Saudi Arabia Talent Pal Full timeJob Description QualitySearch & Partners is looking for a Security Operations Center manager for our client a leader in the technological solutions sector with a focus on the Saudi market known for its diverse portfolio in electrical electromechanical telecommunications instrumentation and oilfield components. As a SOC Manager youll be at the...
-
Application Security and Vulnerability Analyst
3 weeks ago
Dhahran, Saudi Arabia WhiteCrow Research Full timeAssess Public Cloud Posture and perform compliance assessments of Public Cloud deploymentsDevelop, plan and develop plans to implement security controls and monitoring of security controlsPerform vulnerability assessment scans for cloud native application deploymentsManage vulnerabilities lifecycle from discovery to remediation
-
Security Operations Center Manager SOC
3 weeks ago
Dhahran Al Janub, Saudi Arabia Talent Pal Full timeJobDescription QualitySearch & Partners is looking for a SecurityOperations Center manager for our client a leader in thetechnological solutions sector with a focus on the Saudi marketknown for its diverse portfolio in electrical electromechanicaltelecommunications instrumentation and oilfieldcomponents. As a SOC Manager youll be at the helm...
-
Facility Security Manager
1 week ago
Dhahran, Saudi Arabia Air Products Full timeMEET-KSA-Jubail **Job Description and Qualifications** **COMPANY PROFILE** Air Products Qudra is a regional development and investment joint venture (JV) between Air Products and Qudra Energy, a subsidiary of Vision Invest. Air Products is a world-leading industrial gases company developing, engineering, building, owning and operating many of the world's...
-
Application Security and Vulnerability Analyst
4 weeks ago
Dhahran Al Janub, Saudi Arabia WhiteCrow Research Full timeAssess Public Cloud Posture andperform compliance assessments of Public ClouddeploymentsDevelop, plan and develop plans toimplement security controls and monitoring of securitycontrolsPerform vulnerability assessment scansfor cloud native application deploymentsManagevulnerabilities lifecycle from discovery toremediation
-
Financial Relations Analyst Capital Markets
3 weeks ago
Dhahran, Saudi Arabia Cutting Edge Search Full timeWe are looking for a Capital Markets Lead Financial Analyst/Consultant to join the Treasury's Capital Markets & Financing Department of our client. The successful candidate will analyze Debt capital markets to identify emerging trends supporting the client's global financing strategies and ensuring access to financial markets for expansionary needs....
