Responsible for developing, implementing, and maintaining cybersecurity governance, risk management, and compliance frameworks. Ensures alignment with regulatory requirements such as NCA ECC, ISO 27001, and NIST standards, and supports internal/external audits and risk assessments.
Identifies, analyzes, monitors, mitigates and manages threats and vulnerabilities to IT systems and networks.
Uses defensive measures and multi-source information to report events and respond to incidents.
Uses data collected from cyber defense tools to analyze events that occur within their organization to detect and mitigate cyber threats.
Performs vulnerability assessments of systems and networks. Identifies where they deviate from acceptable configurations or applicable policies. Measures effectiveness of
defense-in-depth architecture against known vulnerabilities.
Conducts authorized attempts to penetrate computer systems or networks and physical premises, using realistic threat techniques, to evaluate their security and detect
potential vulnerabilities.
Investigates, analyzes and responds to cybersecurity incidents.
Collects and analyzes digital evidence, investigates cybersecurity incidents to derive useful information to mitigate system and network vulnerabilities.
Collects and analyzes multi-source information about cybersecurity threats to develop deep understanding and awareness of cyber threats and actors' Tactics, Techniques and
Procedures (TTPs), to derive and report indicators that help organizations detect and predict cyber incidents and protect systems and networks from cyber threats.
Proactively searches for undetected threats in networks and systems, identifies their Indicators of Compromise (IOCs) and recommends mitigation plans.
Skill in system, network and OS hardening techniques
Prince Sultan Defense Studies and Research Center (PSDSARC) was established as part of restructuring of the Saudi defense ecosystem to support the national military industries and to contribute to the Saudi Vision 2030 in achieving 50% localization of the Kingdom's military spending and enhancing national sovereignty over defense systems. The Council of Minister's Resolution no. 339, dated 16/8/1437H, approved the organization of PSDSARC as a government entity with an independent legal identity that organizationally reports to the General Authority for Defense Development (GADD). PSDSARC was also mandated in this resolution to enhance and support the Kingdom's defense and security future directions by conducting and developing qualitative and technical research related to defense, security, and strategic fields. Due to the crucial importance of R&D in the defense industry and also due to its important role as a link between operational requirements and technical solution development addressing traditional and modern threats, one of PSDSARC's key objectives is development of the qualified human capital that is capable of conducting R&D in highly specialized technology areas. As on one hand, the availability of laboratories is a major part of the research infrastructure, on the other hand, recruitment, training, mentoring and development of national talents are considered by PSDSARC as a key part of the R&D system across all its projects and programs. National sovereignty over defense systems constitutes a strategic goal closely associated with the ability to build national capabilities and competencies to support localization and development of modern technologies.