• Design, implement, and manage security controls, policies, and procedures for the cloud environment to safeguard against unauthorized access, data breaches, and other security risks.
• Conduct regular security assessments and audits of the security environment infrastructure, identifying vulnerabilities and areas for improvement, and recommending solutions to mitigate risks.
• Develop and enforce cloud security best practices and policies across the organization.
• Collaborate with development and operations teams to ensure secure deployment and operation of cloud applications.
• Implement native cloud security controls, such as IAM, VM, EDR, and cloud security posture management to ensure appropriate access to cloud resources.
• Stay current with emerging cloud security threats, technologies, and best practices.
• Provide security training and guidance to team members and stakeholders on cloud security measures.
• Work with regulatory bodies to ensure compliance with industry standards and Middle East regulations related to cloud security.
• Manage and configure security tools and software, such as firewalls, intrusion detection systems, and encryption technologies, within cloud environments.

• Bachelor’s degree in computer science, Information Security, or a related field from a reputable university. 
• Minimum of 3 years of relevant experience.
• Strong hands-on experience in TWO of the below five domains

Cloud and Container Security:

• Experience with AWS, Azure, GCP, or OCI and demonstrable affinity with Cloud technology.
• Experience with containerization: Kubernetes, Docker.
• Governance and Risk Assessment:
• Experience with security frameworks such as ISO, CSA and PCI.
• Experience with the implementation of cloud risk frameworks and optimization of controls (in CI/CD pipelines).

Architecture and Design:

• Experience with Secure Cloud Architecture Design and Implementation; Design solutions for improving Cloud Security by enforcement of cloud security guardrails and standards.
• Experience with encryption in-flight and at-rest practices, as well as certificate and secrets
• Knowledge of network architectures, topologies, and concepts (Firewalls, LB, WAF, CDN, VPC, ACL, TLS, SSH, and DNS).
• Experience with security solutions such as WAF, IPS, and anti-DDOS systems.
• Experience with network/perimeter security platforms and routing protocols, OSI layers, etc.

DevOps & Engineering:

• Good knowledge of application architecture (Microservices, API gateway, service mesh, message queues, etc.) and technical expertise in designing controls to secure each layer within the application architecture (web layer, integration layer, backend).
• Strong understanding of authentication and authorization patterns and their applicability within the development context (knowledge of Authentication / Authorization protocols and patterns, Authentication and Authorization within microservices).
• Experience with infrastructure automation, infrastructure as code, automated application deployment, monitoring/telemetry, logging, reporting/dashboarding, and continuous delivery technologies.

Application Security & DevSecOps:

• Experience with continuous security practices, including threat modeling, threat and vulnerability management, secure coding practices, and automated penetration testing.
• Understanding of the OWASP Top 10 application security risks and how to address them.
• Working knowledge of the Security Development Lifecycle (SDLC), OWASP Software Assurance Maturity Model (SAMM), or Building Security in Maturity Model (BSIMM).
• Understanding of web application security scanning software and related penetration testing tools such as SAST/DAST/IAST/SCA.

Preferred Certifications:

• Cloud Certifications by AWS/GCP/OCI/Azure.
• Kubernetes Certifications
• Relevant certifications such as CISSP, CCSP, AWS Certified Security – Specialty, or equivalent are highly desirable.