Information Security Engineer

Department: InfoSec MonitoringLocation: KSADescriptionWe are thrilled to announce an opportunity for a skilled Information Security Engineer to join our team and play a role in enhancing our security measures by utilizing your abilities and deep knowledge of information security methodologies. Paying attention to details and efficiently solving problems will be crucial in ensuring the safety of Tabby’s systems.The role you will be involved in both operations and important implementation projects contributing to the growth and maintenance of our technology infrastructure. If you have a passion for cybersecurity, possess technical skills and aspire to make a significant impact we strongly encourage you to apply and become an essential part of our dedicated cybersecurity team.Key ResponsibilitiesCloud Security: Have a good understanding of cloud services such as Google CloudProvide (GCP), Terraform, CI-CD Security, Kubernetes Security,Gitlab, Product security features and fixes.Penetration Testing: Perform Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST) for Web, Mobile, and API applications. Plan and conduct Infrastructure Vulnerability Assessment and Penetration Testing of systems,switches, servers, and more.End-Point Protection: Exhibit expertise in planning, implementing, and managing enterprise-level Anti-Virus (AV) solutions to safeguard against malware, viruses, and other malicious threats.Infrastructure Security: Review the complete corporate IT infrastructure's security, including network security controls, anti-malware implementation, Cloud Security posture.Management (CPM), Data Loss Prevention (DLP), firewall rulesets, backup and disasterrecovery, and vulnerability management processes.Project Management: Work across various product and engineering teams to prioritize security features and bugs, and ensure implementation and mitigation.Work with DevOps and other teams to implement and improve security controls and/or processes.Security Awareness: Experience in conducting phishing simulations and other awareness exercises to evaluate employee susceptibility to social engineering and provide targeted training to enhance resilience.Security Monitoring: Automation and improvement of Incident Response procedures, playbook creation to reduce manual effort of responding to typical cyber incidents along with monitoring of threats and vulnerabilities or conducts regular threat intelligence.Research and develop detection rules utilizing an array of tools.Skills, Knowledge and ExpertiseDegree in Information Technology, Computer Science, Software Engineering, or related fieldKnowledge of Information Technology security issues and approaches to manageInformation Technology security with a fast paced Fintech environment.Security Qualification Good to have: CEH, CompTia Security, etcExcellent communication, influencing and stakeholder management skills2-3 Experience of working across teams to deliver solutions and generate high levels ofinternal buy-inExperience of developing and delivering training.Experience of working in a culturally diverse environmentKnowledge of online technologies, payment methods, content delivery networks, REST APIs, microservices, and application development.Programming and scripting understanding (Bash, Python etc.)Good Cloud experience with and appreciation of AWS, GCP & OCI.