About Us
A leading UAE-based consumer technology company, building the digital infrastructure of everyday life with a focus on AI-powered fintech, communication, and digital services. Guided by our philosophy, the Blueprint of Simplicity, we design technology around real human behavior, connecting people, enabling financial access, and making everyday experiences effortless. Our flagship platform, botim, is the region’s most trusted fintech communication platform, combining secure VoIP with action‑based AI and everyday money tools.
Through botim money, we provide financial services that serve both individuals and SMEs, making payments, transfers, and credit simpler and more accessible. Today, the platform serves 150M+ users worldwide. Our lending finance engine, Quantix, powers fast, regulated credit across the ecosystem, including innovative products such as Cash Now for instant access. From calls to credit, from daily services to big ambitions, we are rethinking how the region stays connected and financially included.
Abu Dhabi, UAE
Role SummaryWe are seeking a hands‑on Cybersecurity Engineer with deep expertise in offensive security, secrets management, and secure platform engineering. This role focuses on advanced technical execution, including Azure infrastructure security, enterprise‑grade key & secrets management (PAM / HSM / Key Vault), SOC operation, red/blue team operations, Dev Sec Ops security integration, and infrastructure & application‑level resilience.
Responsibilities- Hands‑on hardening of Azure tenants – Entra (Azure AD), Conditional Access, Defender for Cloud, NSGs, Private Link, Key Vault, Policy & Blueprints, Landing Zone reference architectures, and CIS/Microsoft Cloud Security Benchmark alignment.
- Design and operate enterprise key lifecycle – Azure Key Vault / Managed HSM, BYOK/HYOK, certificate lifecycle, rotation, envelope encryption, and integration with PKI and application secret stores.
- Implement and administer PAM platforms (e.g., Cyber Ark, Beyond Trust, PAM
360) – vault design, session isolation/recording, JIT/JEA, credential rotation, and Tier‑0 protection for hybrid identities. - Lead and execute vulnerability assessments and penetration tests on web applications and REST/GraphQL APIs aligned to OWASP Top 10, ASVS and API Security Top 10; use Burp Suite Pro, ZAP, Nuclei, and produce risk‑rated, developer‑actionable reports.
- Embed security across CI/CD (Azure Dev Ops / Git Hub Actions / Git Lab) – SAST, DAST, SCA, IaC scanning (Terraform/Bicep), container & image scanning, secrets detection, and policy‑as‑code (OPA / Azure Policy).
- Operate Microsoft Sentinel end‑to‑end – data connectors, KQL hunting, analytics & UEBA rules, watchlists, SOAR playbooks (Logic Apps), incident triage, MITRE ATT&CK mapping, and threat intelligence integration.
- Education:
Bachelor’s degree in Computer Science, Information Security, Engineering or a closely related discipline. - Experience:
5‑8 years of hands‑on experience in cybersecurity engineering or security operations roles within enterprise or service‑provider environments. - Cloud:
Demonstrable, production‑grade experience securing Microsoft Azure workloads (multi‑subscription, hybrid identity, networking). - Offensive
Skills:
Proven track record of delivering web and API penetration tests with formal reporting to enterprise stakeholders. - SOC:
Working experience with Microsoft Sentinel and Microsoft Defender XDR, including KQL, analytics rule authoring, and Logic Apps automation. - Tooling:
Practical exposure to PAM (Cyber Ark / Beyond Trust / PAM
360), Key Vault / HSM, Burp Suite Pro, CI/CD security scanners, and IaC tools.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).