Skip to main content
Managed Services · KSA & GCC

IT Outsourcing & Managed Services

Service desk, NOC, Security Support, DevOps, and managed cloud operations — named engineers, 24/7 follow-the-sun out of Riyadh and Cairo, SLA-backed and PDPL-aware from day one.

24/7follow-the-sun · 2 hubs
0.9%availability SLA
Namedengineers · not pools
// 01 · What we operate

Six domains. One shift roster.

From end-user service desk to 24/7 SOC operations — the full managed-services surface for enterprises running regulated workloads in KSA and the GCC.

OUT.01

Service desk

Tier 1–3 end-user support in Arabic and English. 24/7 ticketing, named-engineer continuity, ITIL-aligned. Average first-response under 5 minutes.

OUT.02

NOC · network operations

Network monitoring, incident response, capacity planning. SD-WAN, MPLS, and multi-site WAN operated from a single pane.

OUT.03

SOC · security operations

24/7 SIEM monitoring, threat detection, IR. NCA-ECC aligned, with use-cases tuned for the KSA threat landscape.

OUT.04

DevOps & SRE

Pipeline ownership, on-call rota, release management, and SLO engineering. Embedded in your engineering team's rhythm — not parallel to it.

OUT.05

Managed cloud operations

AWS, Azure, hybrid estates run end-to-end. Patching, cost reviews, security baseline drift detection, quarterly architecture reviews.

OUT.06

Application support

L2–L3 support for ERP, CRM, in-house apps. Performance tuning, defect triage, vendor liaison, and a hand-off back to dev for true root-cause.

// 02 · Engagement models

Four shapes the team can take.

Staff augmentation, pod, fully managed, or hybrid. The model follows the question "who owns the SLA?" — and the answer shapes the contract, not the other way around.

01

Staff augmentation

Named NAS engineers drop into your team and your ticketing system, under your management. They wear your badge, attend your standups, and the SLA stays with you.

  • Optimise for · your management · your tools
02

Pod most chosen

A self-contained NAS unit — typically a tech lead, two engineers, and a delivery manager — takes a piece of scope end-to-end. NAS owns the SLA. You own the "what".

  • Optimise for · owned scope · NAS-managed
03

Fully managed

NAS runs the entire function — service desk, NOC, SOC, or DevOps — end-to-end, with our tools or yours, under our SLA. You see a monthly scorecard and a quarterly business review.

  • Optimise for · complete delegation
04

Hybrid model

Mix of the above. Common shape: client owns L1 service desk, NAS owns the NOC and SOC, with a shared escalation matrix. The most realistic model for large estates.

  • Optimise for · split ownership
// 03 · Pricing models

Three models. Priced by outcome, not hour.

FTE rate for staff augmentation, fixed-pod monthly for owned scope, fixed-managed monthly for whole-function delegation. The model follows the engagement, and the price follows the model.

Model 01 · FTE

Staff augmentation

Pay per named engineer per month. They sit in your team, your tools, your standups.

SAR28K+ per FTE / month
  • Named engineer · CV reviewed
  • 40 hr / week dedicated
  • Replacement guarantee in 5 days
  • Monthly utilisation report
Model 03 · Managed

Fully managed

NAS runs the whole function (desk / NOC / SOC) end-to-end. Volume-priced against ticket / endpoint count.

SARCustom scoped per function
  • End-to-end function ownership
  • 24/7 follow-the-sun coverage
  • Penalty credits on missed SLAs
  • Quarterly business review
// 04 · SLA scorecard preview

Monthly scorecard. Same one for every client.

Every managed engagement gets the same monthly scorecard: a row per SLA, target vs actual, met or missed. Missed SLAs trigger penalty credits — published in the contract, not negotiated after the fact.

Monthly Scorecard · May 2026

Client · Saudi Healthcare Group

Service desk + NOC + SOC · 24/7 managed

7 / 8 SLAs met
Platform availabilityTier 1 services
99.95%Target
99.97%Actual
Met
Service-desk first responseP1 / P2 tickets
< 5mTarget
4m 12sActual
Met
P1 MTTRMean time to restore
< 60mTarget
42mActual
Met
P2 MTTRMean time to restore
< 4 hrTarget
4h 38mActual
Missed
SOC alert triageCritical-severity
< 10mTarget
6m 24sActual
Met
Patch complianceCritical patches
100%Target
100%Actual
Met
RCA deliveryPost-incident
< 5dTarget
3.2 d avgActual
Met
Customer satisfactionCSAT score
≥ 4.4Target
4.6 / 5Actual
Met
// 05 · Onboarding process

Four weeks to steady-state.

From contract signature to SLA activation, every managed engagement runs the same 4-week ramp. Documented, tracked, signed off — never assumed.

Week 01

Knowledge transfer

  • Estate walkthrough
  • Runbook inventory
  • Tooling access provisioned
  • Stakeholder mapping
Output · signed knowledge-transfer pack
Week 02

Shadowing

  • NAS engineers shadow incumbents
  • Real-ticket walkthroughs
  • Escalation paths verified
  • SLA baseline measured
Output · baseline SLA report
Week 03

Reverse-shadow

  • NAS leads, incumbent shadows
  • Process gaps identified
  • Runbook updates merged
  • Go / no-go gate at week-end
Output · go / no-go decision
Week 04

Steady-state

  • NAS owns the SLA
  • First weekly scorecard
  • 30-day hypercare with seniors
  • Quarterly review scheduled
Output · live SLA · scorecard active
// 06 · Methodology

Four phases. Same loop, every engagement.

Scope, onboard, operate, review. The shift roster runs the operate phase; the partner runs the review. Both pieces are non-negotiable.

  1. 01

    Scope

    Estate inventory, current-state SLA, ticket volume baselining, and contract scope agreed. Two-week sprint, fixed deliverable.

  2. 02

    Onboard

    Four-week ramp: knowledge transfer, shadowing, reverse-shadowing, go/no-go gate. SLA activation only after the gate.

  3. 03

    Operate

    24/7 follow-the-sun out of Riyadh and Cairo. Named engineers, documented shift hand-offs, weekly internal QA on incident handling.

  4. 04

    Review

    Monthly scorecard, quarterly business review with named partner. SLA misses trigger contractual credits and a documented root-cause memo.

// 07 · Stack we operate

Tool-neutral. Or yours — we work both ways.

// 09 · FAQ

Common questions.

Q.01Do you provide 24/7 coverage?

Yes. Our managed services run a follow-the-sun rota out of Riyadh and Cairo with documented hand-off scripts at every shift change. We track shift-handover quality as an internal SLA — because that's where most managed-service incidents actually start.

Q.02What is the difference between staff augmentation and a pod?

Staff augmentation drops named individuals into your team and your ticketing system, under your management. A pod is a self-contained NAS unit (e.g. tech lead + 3 engineers) that takes a piece of scope end-to-end, manages itself, and reports against agreed outcomes.

Q.03How are SLAs structured?

We sign SLAs per service tier — availability, first-response, time-to-restore, and root-cause-document time. Monthly scorecard. Penalty credits for missed SLAs are documented in the contract; we have paid them, and we'd rather not.

Q.04Can engineers be on-site?

Yes. About 30% of our managed engagements include a fixed on-site presence in Riyadh or Cairo for sensitive estates. The rest run remote with documented escalation paths and quarterly on-site reviews.

Q.05Do you handle KSA residency and NCA-ECC?

Yes. Our managed services operate inside NCA-ECC and PDPL constraints by default — data residency, access reviews, logging retention, and privileged-access trails are all baked into the runbook, not bolted on for the audit.