We are looking for a Cloud Security Engineer with mandatory experience in banking, fintech, or regulated sectors to lead the design and implementation of secure, compliant cloud infrastructures .
The candidate must have a strong understanding of regulatory frameworks and enterprise-grade security controls , with the ability to operate in high-compliance environments.
Key Responsibilities: Own and implement cloud security architectures and landing-zone guardrails across network, identity, data, and logging layers.
Secure configurations for databases, storage, serverless, and other cloud-native services.
Design and enforce least-privilege IAM , including SSO (SAML/OIDC) and PAM workflows.
Implement key and credential lifecycle management , including MFA, short-lived tokens, and machine identity governance.
Ensure data protection via encryption at rest and in transit, along with tokenization where required.
Define and enforce network segmentation , private connectivity, secure egress, and API security.
Implement protections such as WAF, DDoS mitigation, and bot defense mechanisms.
Establish and manage Zero Trust access models for users and services.
Integrate security scanning tools (SAST, DAST, Secrets, IaC) into CI/CD pipelines.
Maintain compliance and audit readiness for SAMA, NCA, ISO 27001, PCI DSS, SWIFT CSP.
Develop and enforce policies-as-code , tagging standards, and exception workflows.
Integrate and manage cloud logs within SIEM platforms (e.
g., Splunk). Orchestrate cloud and container security scanning , track remediation SLAs, and collaborate with engineering teams.
7–12 years of experience in cybersecurity, including 3+ years securing public cloud environments (GCP or OCI preferred).
Mandatory experience in fintech, banking, or highly regulated industries.
Strong expertise in IAM/SSO/PAM , KMS/HSM, PKI, and key rotation strategies.
Hands-on experience with cloud security platforms : CSPM, CNAPP, CWPP, CIEM, and native tools (e.
g., GCP SCC, OCI Cloud Guard).
Deep understanding of network and web security : VPC/VNet, routing, private link, TLS/mTLS, API gateways.
Experience with container and Kubernetes security , including runtime protection and network policies.
Proficiency in DevSecOps tools : Terraform, CI/CD pipelines, scripting (Python/PowerShell), and log analysis (SQL/Regex).
Strong familiarity with regulatory frameworks : SAMA Cybersecurity Framework NCA ECC ISO 27001 PCI DSS SWIFT CSP Experience integrating security monitoring with SIEM tools (Splunk preferred).
Preferred Qualifications: Cloud certifications (GCP, OCI, AWS, or Azure Security) Experience in banking, fintech, or regulated environments Strong documentation, communication, and stakeholder management skills What We’re Looking For: Strong problem-solving mindset with a security-first approach Ability to work cross-functionally with DevOps, Engineering, and Compliance teams Ownership-driven individual who can design and implement scalable security solutions
