Senior Cloud & Security Engineer- PKI/HSM + cloud + threat modelling

We have urgent requirement for Senior Cloud & Security Engineer- PKI/HSM + cloud + threat modelling is required for our banking client in BahrainStrong experience on Cloud Security (Azure + AWS) – configuration, IAM, APIs, monitoring, DevSecOps is THE MUSTStrong experience on Cryptography & PKI / HSM Expertise is THE MUSTStrong experience on Security Engineering Expertise – firewalls, IDS/IPS, CASB, DLP, log management is THE MUSTStrong experience on threat modelling tools and methodologies (e.g., STRIDE, DREAD, MITRE ATT&CK is THE MUSTCISSP or CISM (either one) Or PCI certification: PCI-ISA / PCI-QSA / PCIPOr Pen Test certification: OSCP / CEH / eJPTThe Senior Security Engineer is responsible for engineering, implementing, and maintaining advanced security technologies across cloud and on-prem environments. The role requires deep technical expertise in cloud security, PKI/cryptography, secure protocols, DevSecOps, and security tool configuration. The engineer will lead security implementations, automate controls, perform threat and vulnerability assessments, and ensure compliance with regulatory and industry standards.Key Responsibilities (Brief)Security Engineering & ImplementationConfigure, optimize, and maintain advanced security solutions (DLP, CASB, HSM, firewalls, IDS/IPS, endpoint controls).Implement and automate security controls in cloud, hybrid, and on-prem environments.Support secure design of systems, networks, APIs, containers, and DevOps pipelines (DevSecOps).Develop low-level security architecture, including PKI and cryptographic services.Research, Testing & Threat ManagementConduct threat modelling, vulnerability analysis, and penetration testing coordination.Validate security solutions against standards (ISO 27001, NIST, CIS).Investigate and resolve complex security incidents and vulnerabilities.Governance & ComplianceEnsure implementations comply with regulatory standards (CBB, PCI-DSS, ISO 27001).Track remediation activities and strengthen overall security posture.Produce technical documentation, architecture diagrams (C4), SOPs, and reports.Product & Tool OwnershipManage CASB/DLP alerts and operations.Configure and support HSMs, key lifecycle management, and encryption solutions.Support lifecycle governance and policy tuning for security tools.Collaboration & SupportWork closely with IT, Architecture, Risk, Compliance, and Audit teams.Provide technical mentorship to junior engineers.Support internal and external audits and assessments.Skills: cloud,architecture,security,pki Mandatory SkillsCloud Security (Azure + AWS) – configuration, IAM, APIs, monitoring, DevSecOps.PKI, Cryptography & HSM Expertise – key management, certificate services, encryption.Security Engineering Expertise – firewalls, IDS/IPS, CASB, DLP, log management.Threat Modelling & Penetration Testing Knowledge – MITRE ATT&CK, STRIDE, OSCP/CEH understanding.Security Architecture & Low-Level Design Experience – secure protocols, network security, secure configurations.