Senior Consultant Cybersecurity-Arabic Speaker

Conduct comprehensive cybersecurity maturity assessments across organizational systems and processes, with a focus on aligning with the Capability Maturity Model Integration (CMMI).Perform evaluations that measure the maturity of existing cybersecurity practices, identifying areas of strength and opportunities for improvement.Experience in compliance with relevant regulations, standards, and best practices, including but not limited to:All KSA National Cybersecurity Authority (NCA) regulationsISO 27001 (Information Security Management)Provide detailed, actionable recommendations to address identified gaps during assessments, focusing on improving cybersecurity practices.Develop a clear, strategic roadmap outlining short-term, mid-term, and long-term actions needed to close gaps and achieve maturity goals.Prepare comprehensive reports on assessment findings, compliance status, and risk mitigation strategies, presenting them to senior leadership and relevant stakeholders.Serve as a subject matter expert on cybersecurity, advising organizations on compliance and best practices.Assist members of the Governance, Risk, and Compliance team to answer technical inquiries from auditors and clients.Recommend emerging security technologies/tools to address current and future threats.Interact and handle vendors, outsourcers, and contractors regarding security products and services.Conduct performance and efficacy testing to stress the limitations of security solutions while ensuring business innovation and day-to-day processes are not negatively impacted.Serve as a trusted advisor, collaborating closely with clients to understand their unique challenges and providing expert guidance on cybersecurity and risk management.Manage end-to-end delivery of client engagements, from scoping through execution.Assist clients in developing / enhancing their cybersecurity strategies and multi-year implementation roadmaps, in alignment with their risk landscape.Provide support in the design and implementation of cybersecurity governance frameworks and policies.Conduct comprehensive risk assessments to identify and prioritize cyber risks and develop risk management strategies to mitigate risks effectively.Understanding and experience is preferable but not mandatory.Understanding of Security Configuration Review: Conduct in-depth security configuration reviews for firewalls, routers, switches, servers, and other security devices.Review and assess firewall rulesets, identifying redundant, outdated, or overly permissive rules, and recommend necessary optimizations.Ensure that firewall configurations follow the principle of least privilege and are aligned with security best practices.Understanding of File Integrity Monitoring (FIM): Experience in deploying FIM solutions and monitoring changes in critical system files, directories, and configurations.Experience in continuous monitoring of file changes and generating alerts for unauthorized modifications.Analyze and report on FIM alerts, working with clients to remediate suspicious activity.Provide recommendations for improving FIM configurations based on threat landscape and compliance requirements.Integrate FIM with security operations tools such as SIEM to enhance visibility and threat detection.Antimalware: Assess client environments to recommend the best-fit antivirus and anti-malware solutions.Implement and configure antivirus/anti-malware software across endpoints, servers, and network devices.Monitor and maintain antivirus solutions, ensuring timely signature updates, patches, and upgrades.Integrate antivirus systems with SIEM and other security tools to enhance threat detection and response capabilities.Develop strategies for malware incident response, including investigation, containment, and remediation.Understanding of Web Proxy: Deploy, configure, and maintain web proxy solutions to filter and monitor client internet traffic, ensuring compliance with internal and regulatory requirements.Set up content filtering policies, block malicious websites, and protect against web-based threats like malware, ransomware, and phishing.Monitor and analyze web traffic patterns to identify and respond to suspicious activities and security incidents.Email Gateway: Configure, deploy, and manage secure email gateways (SEG) to prevent email-borne threats such as phishing, malware, and spam.To ensure effective filtering of incoming and outgoing email traffic in compliance with cybersecurity best practices and client-specific security policies.Design and deploy DLP policies and controls to prevent unauthorized data access, transfer, and leakage.Hands-on experience in configuring and managing data classification tools, including but not limited to:Develop and deliver training sessions to ensure widespread understanding of data handling policies and the use of classification and DLP tools.Network Architecture Review: Analyze, review, and develop network architecture designs based on Defense-in-Depth (D