KBR, Inc. Jobs in Riyadh, Riyadh, Saudi Arabia – Cybersecurity Threat Intelligence Analyst (SCyWF PD-TM-001)

KBR, Inc. Jobs

Website KBR, Inc.

Are you looking for a Job at KBR Inc in Riyadh, Riyadh, Saudi Arabia

About the job

Role Context

KBR has been awarded a support contract by the UK Ministry of Defence (UK MOD). Under the terms of the contract, KBR will provide communications network support and deliver training services in the Kingdom of Saudi Arabia. This is a significant project that expands our portfolio of work with the UK MOD and in the Middle East.

Under the contract, KBR is seeking to recruit staff to deliver: 

  • Support in delivering IP Telephony, host applications such as Network Management System, Cable Management Systems and incident management software 
  • Operation of Service Desks
  • Support to maintain operational capability of Fixed & Deployable equipment/capabilities. 
  • Design & deliver a new Management Information System
  • Technical & English Language Training
  • Built Estate maintenance and upkeep


  • You possess a Bachelor’s degree in computer science, business administration in information technology, or a related discipline.
  • You are proficient in mainstream security monitoring concepts (SIEM) and are able to tune/optimise and develop the effectiveness of the tool over time
  • You have basic knowledge of cybersecurity on Windows, Linux and cloud-based services.
  • Broad infrastructure and technology background, including Systems Admin on both Microsoft and Linux platforms, familiarity of mainstream security appliances, firewalls, VPN gateways, AD etc.


  • Some experience of using SIEM
  • Experience in a Security Operations Centre (SOC) environment, applying security policy and procedures for complex service delivery.
  • Understand and optimise the log collection architecture and best practises, demonstrating a strong knowledge of frameworks, standards and regulatory requirements related to information security and data protection.
  • You are proficient in modern programming / scripting languages such as C#, PHP, Java, JavaScript, Python
  • Involved in the delivering of cyber awareness training.

On the path for one or more industry certification, such as:

  • Certified Information Security Manager (CISM)
  • Certified Information Systems Security Professional (CISSP)
  • Certified in Risk and Information Systems Control
  • Certified Information Systems Auditor (CISA)
  • Global Information Assurance Certification
  • Vendor specific equivalents, such as Cisco CCNA or CCSP, ISC2’s SSCP, CompTIA Network + and Security+

Role – Threat Intelligence Analyst

Collects and analyzes multi-source information about cybersecurity threats to develop deep understanding and awareness of cyber threats and actors’ Tactics, Techniques and Procedures (TTPs), to derive and report indicators that help organizations detect and predict cyber incidents and protect systems and networks from cyber threats.

Tasks, Skills, Abilities And Knowledge

Aligns with the SCyWF 1:2020

T5056 Track status of requests for information in line with the organization’s policies.

T5502 Answer requests for information in line with the organization’s policies.

T5503 Use knowledge of threat actors and activities to build common understanding of organization’s current risk profile.

T5504 Use knowledge of threat actors and activities to inform organization’s response to a cyber incident.

T5505 Coordinate, validate and manage the organization’s cyber threat intelligence sources and feeds.

T5506 Identify information gaps in threat intelligence and assess their implications for the organization.

T5507 Prepare and deliver briefs on specific threats to the organization.

T5508 Work collaboratively and share information with threat intelligence analysts working in related fields.

T5517 Identify the principal threats to the organization’s known vulnerabilities.

T5519 Identify threat tactics and methodologies.

T5524 Monitor and report changes in threat dispositions, activities, tactics, capabilities and objectives.

T5525 Monitor and report on validated threat activities.

T5526 Monitor open source websites for hostile content directed towards organizational or partner interests.

T5527 Monitor and report on threat actor activities to fulfil organization’s threat intelligence and reporting requirements.

T5529 Provide information and assessments of threat actors to assist stakeholders in planning and executing cybersecurity activities.

T5531 Monitor cyber threat intelligence feeds and report significant network events and intrusions.

T5535 Maintain a common intelligence picture.

T5536 Conduct in-depth research and analysis.

T5537 Develop information requirements necessary for answering priority information requests.

T5539 Produce timely, fused, all-source cyber operations intelligence and/or indications and warnings intelligence products (e.g., threat assessments, briefings, intelligence studies, country studies).

T5540 Provide current intelligence support to critical internal/external stakeholders as appropriate.

T5541 Provide evaluation and feedback necessary for improving intelligence production, intelligence reporting, collection requirements and operations.

T5542 Provide timely notice of imminent or hostile intentions or activities which may impact organization objectives, resources, or capabilities.

T5544 Identify cyber threat tactics and methodologies.


Skills and Abilities

S0051 Skill in effectively preparing and presenting briefings in a clear and concise manner.

S0055 Skill in utilizing feedback to improve cybersecurity processes, products and services.

S2536 Skill in tailoring analysis to the necessary levels based on organizational policies on data handling and classification and distribution of sensitive material.

S5501 Skill in defining and characterizing aspects of the operational environment relevant to its cybersecurity strategy.

S5504 Skill in evaluating information for reliability, validity and relevance.

S5507 Skill in identifying alternative analytical interpretations to minimize unanticipated outcomes.

S5509 Skill in identifying cyber threats which may jeopardize the organization or its stakeholders’

S5510 Skill in identifying and analyzing physical, functional, or behavioral relationships to develop understanding of attackers and their objectives

S5516 Skill in constructing simple and complex queries.

S5517 Skill in using multiple analytic tools, databases and techniques.

S5518 Skill in using multiple search engines and tools in conducting open-source searches.

S5520 Skill in utilizing virtual collaborative workspaces and tools in line with organizational cybersecurity policies.

S5521 Skill in writing, reviewing and editing cybersecurity assessment products using information derived from multiple sources.


A0002 Ability to communicate cybersecurity concepts and practices in an effective manner.

A0014 Ability to source all data used in intelligence, assessment and planning activities.

A0016 Ability to determine whether information is reliable, valid and relevant.

A0018 Ability to focus research efforts to address cybersecurity requirements and meet the organization’s decision-making needs.

A0019 Ability to function in a collaborative environment to leverage analytical and technical expertise.

A0020 Ability to identify gaps in threat intelligence and other cybersecurity information gathering.

A0022 Ability to recognize and mitigate deception in information obtained and provide appropriate reporting and analysis.

A0025 Ability to apply critical thinking.

A2513 Ability to collaborate effectively within virtual teams and matrix management.

A2516 Ability to function effectively in a dynamic, fast-paced environment which changes frequently.

A2525 Ability to utilize multiple information sources to inform cybersecurity related actions.

A5500 Ability to clearly articulate cyber threat intelligence requirements into well-formulated research questions and data tracking variables for inquiry tracking purposes.

A5501 Ability to develop analytic approaches and solutions to problems where information is incomplete, or no precedent exists.

A5502 Ability to think like threat actors.

Knowledge Of

K0001 Network components, their operation and appropriate network security controls and methods.

K0002 Understanding of risk assessment, mitigation and management methods.

K0003 Relevant cybersecurity aspects of legislative and regulatory requirements, relating to ethics and privacy.

K0004 The principles of cybersecurity and privacy.

K0005 Cybersecurity related threats and vulnerabilities.

K0006 The likely operational impact on an organization of cybersecurity breaches.

K0027 Human-computer interaction principles.

K0043 Best practice network traffic analysis methods.

K0066 Physical computer components and peripherals’ architectures and functions.

K0074 The national cybersecurity regulations and requirements relevant to the organization.

K0099 The stages of a cyberattack.

K0155 Data communications terminology.

K0157 Encryption algorithms.

K0159 IT operations security.

K0161 Physical and logical network devices and infrastructure.

K0163 Network security at fundamental level.

K0165 What constitutes a threat to network security.

K5500 Concepts, terminology and operations of communications media.

K5502 Attack methods and techniques.

K5504 Common computer and network infections and their methods.

K5506 Computer-based intrusion sets.

K5507 Cyber threat intelligence sources and their respective capabilities.

K5508 Cybersecurity operations concepts, terminology, principles, limitations and effects.

K5509 Evolving and emerging communications technologies and their implications for cybersecurity.

K5511 Host-based security products and how those products reduce vulnerability to exploitation

K5512 How internet communications applications work.

K5514 The risks wireless networks pose for an organization’s cybersecurity.

K5515 How to extract, analyze and use metadata.

K5516 Different types of organization, team and people involved in cyber threat intelligence collection.

K5517 How to use cyber threat intelligence to inform the organization’s cybersecurity planning.

K5518 How to use cyber threat intelligence to inform the organization’s cybersecurity operations.

K5519 The tactics an organization can employ to anticipate and counter an attacker’s capabilities and actions.

K5520 Internet network addressing

K5523 Malware.

K5524 The organization’s leadership, structure and cyber decision-making processes

K5527 Telecommunications fundamentals.

K5528The basic structure, architecture and design of modern digital and telephony networks.

K5530 How threat actors relevant to the organization use the internet and the targeting information they could learn about the organization from it.

K5532 Virtualization products.

K5533 The basic structure, architecture and design of modern wireless communications systems.

Company: KBR, Inc.

Vacancy Type: Full-time · Entry level 

Job Location: Riyadh, Riyadh, Saudi Arabia

Application Deadline: N/A

Apply Here


To apply for this job email your details to bfdirb6788@gmail.com