Riyad Bank
Cyber Security DevOps Senior Specialist
- Permanent
- Riyadh, Saudi Arabia
- Experience 2 - 5 yrs
Job expiry date: 03/06/2026
Job overview
Date posted
19/04/2026
Location
Riyadh, Saudi Arabia
Salary
Undisclosed
Compensation
Job description
The Cyber Security DevOps Senior Specialist role at Riyad Bank in Riyadh, Saudi Arabia focuses on integrating cybersecurity requirements into DevOps and software development pipelines within Business Technology environments. The role is responsible for supporting cybersecurity projects and change initiatives by applying cybersecurity and DevOps design principles, ensuring security is embedded across agile development processes including sprint planning, user story definition, testing, deployment, and sprint retrospectives. The position involves selecting appropriate automated testing approaches for cybersecurity controls and countermeasures within CI/CD pipelines, conducting vulnerability assessments, baseline configuration scanning, and security testing activities including penetration testing, fuzzing, static code analysis, and secure code reviews. The role requires developing, configuring, and maintaining DevOps security tools to track cybersecurity controls, configuration items, and ensure accurate and continuous security monitoring of development environments. It includes assessing release components for deployment scheduling, managing secure software delivery tools, and ensuring secure configuration management across DevOps pipelines. The specialist is responsible for identifying vulnerabilities in applications, analyzing risks, performing threat assessments, and coordinating with engineering teams to remediate security issues. The role also includes applying cybersecurity principles such as defense-in-depth, authentication, authorization, access control, encryption, intrusion detection, intrusion prevention, and network security architecture design. It requires strong understanding of OSI model, network protocols, Windows and Unix systems, packet-level analysis, and cyberattack stages. The position involves continuous monitoring of cybersecurity threats, assessing emerging technologies for exploitation risks, and ensuring compliance with IT security principles and enterprise cybersecurity architecture standards. The specialist contributes to continuous improvement of cybersecurity processes, reporting security findings, maintaining documentation, and supporting incident response activities within the banking cybersecurity environment while ensuring alignment with regulatory and organizational security policies.
Required skills
Key responsibilities
- Support cybersecurity DevOps projects and change initiatives by preparing technical plans and applying cybersecurity design principles within CI/CD pipelines.
- Select and implement automated testing approaches for cybersecurity controls and countermeasures across DevOps pipelines.
- Conduct vulnerability scanning, baseline configuration assessments, and penetration testing activities to identify and mitigate security risks in applications and systems.
- Perform secure code reviews using static analysis tools, fuzzing techniques, and security testing frameworks to identify software vulnerabilities.
- Develop, configure, and maintain cybersecurity DevOps tools for tracking configuration items, security controls, and pipeline security status.
- Analyze and report on cybersecurity test activities, vulnerabilities, risks, and issues within DevOps and agile development environments.
- Integrate cybersecurity into agile workflows by defining security user stories, participating in sprint planning, and contributing to sprint retrospectives.
- Assess release components and manage secure deployment processes, including scheduling and configuration management for DevOps pipelines.
- Conduct risk analysis including threat modeling, vulnerability assessment, and probability of occurrence evaluation during system changes.
- Support continuous improvement of cybersecurity practices by identifying process gaps, recommending corrective actions, and ensuring compliance with security standards
Experience & skills
- Apply knowledge of cybersecurity principles including network security, application security, authentication, authorization, and access control mechanisms.
- Utilize expertise in cybersecurity tools including intrusion detection systems, intrusion prevention systems, vulnerability scanners, and penetration testing tools.
- Demonstrate understanding of DevOps security integration, CI/CD pipelines, and secure software development lifecycle practices.
- Apply knowledge of network protocols, OSI model, Windows and Unix systems, ports, services, and packet-level network analysis.
- Use cybersecurity testing methodologies including fuzzing, static code analysis, penetration testing, and red teaming techniques.
- Understand encryption algorithms, defense-in-depth principles, and cybersecurity architecture design for enterprise environments.
- Analyze cybersecurity threats, vulnerabilities, attack stages, and malicious actor behaviors within organizational threat environments.
- Apply secure coding standards and testing methodologies to identify and mitigate application security vulnerabilities.
- Operate configuration management and security monitoring tools to maintain cybersecurity controls within DevOps environments
- Understand IT security principles, incident response processes, and cybersecurity risk management frameworks within banking environments