• Experienced/Senior candidate - experience of working in a fast paced Fintech environment
• GCP Security, Terraform, CI-CD Security, Kubernetes Security,Gitlab, Product security features and fixes
• Secure Software Development Lifecycle – continuously improving by implementing tools,processes and procedures e.g. source code reviews, DAST, SAST all these security checkpoints before going into production environment
• Plan and Execute security assessments such as dynamic testing, static testing, code review and threat modelling
• Conduct Pen Testing of website, mobile app and internal network
• Work across various product and engineering teams to prioritize security features and bugs, and ensure implementation and mitigation.
• Work with DevOps and other teams to implement and improve security controls and/or processes
• Work with wider development, DevOps and product team to train them on OWASP, secure coding practices etc
• API Security Management/Monitoring
• Automation and improvement of Incident Response procedures, playbook creation to reduce manual effort of responding to typical cyber incidents
• Monitor threats and vulnerabilities or conducts regular threat intelligence
• Research and develop detection rules utilizing an array of tools
• Familiar with security regulations/standards such as PCI, SAMA CSF, NESA, SOC2, OWASP

Nice to Have:

• Experience of Golang
• GCP: Google Cloud Security features such as Cloud Key Management,
• DLP, Security Command Centre, Secrets Manager, VPC Security
  SIEM/Security Operations Centre, Cloudflare Firewall
• Endpoint Security – MalwareBytes (Windows), Jamf (iOS)
  MDM (Jamf and Google MDM)