Network Email Security Engineer – Riyadh

Kingston Stanley

Riyadh, Saudi Arabia | AED 7,000-18,000/mo | SAR 7.1K-18.4K/mo | Today
Saudi Arabia | IT & Technology | Full Time

Skills Required

Arabic, English

Job Description

Manage and support Next-Generation Firewalls (e.g., Palo Alto or equivalent), including site-to-site and remote-access VPNs.
Configure and maintain IPS/Threat Prevention, URL filtering, sandboxing (e.g., WildFire or equivalent), and SSL decryption where applicable.
Ensure high availability (HA), failover readiness, and seamless logging integration with SIEM platforms.
Administer Secure Email Gateway solutions (e.g., Proofpoint or equivalent), including inbound and outbound email security policies.
Implement and optimize anti-phishing, Business Email Compromise (BEC), and impersonation protection controls.
Manage URL rewriting, attachment sandboxing/detonation, and quarantine workflows.
Collaborate with the Messaging team on SPF, DKIM, and DMARC configurations and posture assessments.
Perform daily health checks for NGFW clusters, including threat/content updates, licensing, and HA synchronization.
Maintain rulebase hygiene by removing unused or redundant rules, enforcing least privilege, and validating security profiles (AV, IPS, URL filtering).
Manage remote access solutions (e.g., GlobalProtect or equivalent), including policy configuration, MFA integration with IAM teams, and user experience SLAs.
Troubleshoot network traffic issues using log analysis, ACC, PCAPs, and policy simulations in coordination with relevant stakeholders.
Continuously tune inbound/outbound policies and strengthen phishing/BEC detection capabilities.
Monitor and enhance sandboxing effectiveness for URLs and attachments.
Manage quarantine queues, approval workflows, and user notifications (digests).
Provide user guidance on safe email practices and handling false positives/negatives.
Lead and manage P1 security incidents across network perimeter and email security domains.
Coordinate closely with SOC teams for SIEM alerts and response playbooks.
Execute rapid containment measures (e.g., blocking rules, URL detonation actions, sender restrictions).
Conduct root cause analysis (RCA) and implement corrective/preventive actions.
Prepare CAB-ready change requests, including impact analysis, testing, and rollback plans for updates, upgrades, and policy changes.
Perform post-change validation and maintain accurate documentation.
Maintain audit-ready documentation, including change approvals, policy exports, update logs, quarantine reports, and incident timelines.
Conduct regular security posture reviews and reporting.
Ensure alignment with regulatory frameworks such as SAMA and NCA CSF.
Support internal and external audits with clear, traceable evidence.
Develop and maintain runbooks and SOPs covering policy management, incident response, quarantine workflows, and upgrade procedures.
Mentor L1/L2 team members and support knowledge transfer through shadowing and reverse-shadowing practices.

Qualifications & Skills

Hands-on experience with Next-Generation Firewalls (preferably Palo Alto) and a leading Secure Email Gateway solution (e.g., Proofpoint or equivalent).
Strong discipline in change and incident management processes, with the ability to produce clear and concise reports in English (Arabic is an advantage).
Solid understanding of packet analysis, SSL decryption concepts, and email flow fundamentals, with the ability to collaborate effectively with messaging teams.