Jobs search

Senior Information Security & Cloud Security Specialist

AHAD • Full-time • دبي, AE • 6d ago

Company: AHAD www.ahad-me.com

Email Your CV: info@ahad-me.com

Experience Level: 10+ years

Location: Dubai, UAE

Job Type: Full-time

Industry: Banking & Financial Services

Reporting To: CXO / CISO / Head of Technology Risk

Job Summary:

We are seeking an experienced and highly skilled Senior Information Security & Cloud Security Specialist to lead, manage, and optimize all facets of cybersecurity operations, IT infrastructure protection, and cloud security governance across a high-stakes banking environment. The selected candidate will be deputed (contracted) by AHAD to a leading financial institution, working closely with internal teams to safeguard digital assets, support secure cloud-native transformation, and ensure alignment with UAE regulatory frameworks including CBUAE and PDPL. The ideal candidate will have extensive experience in security design, implementation, monitoring, and governance—especially within regulated BFSI domains.

Key Responsibilities:

1. Enterprise Security Architecture & Operations

Lead the design, implementation, and optimization of enterprise-wide security architecture, including cloud and on-premise environments.
Manage endpoint security, EDR/XDR solutions, firewalls, IDS/IPS, and SIEM platforms.
Drive secure network architecture design, including segmentation, NAC, VPNs, DMZ hardening, and zero-trust principles.

2. Cloud Security & SaaS Governance

Oversee the secure migration and management of workloads on Microsoft Azure UAE Cloud.
Enforce cloud-native security controls: encryption, identity governance, secure containers, cloud firewalls, workload protection, etc.
Implement and monitor CASB posture, SaaS security hygiene, and cloud workload protection platforms (CWPP).

3. Threat Management & Incident Response

Own threat intelligence, threat modeling, and attack surface management for external-facing and internal systems.
Lead incident response coordination, triage, RCA, and recovery efforts.
Establish and run Breach & Attack Simulation (BAS), Red Team exercises, and tabletop drills.

4. Security Monitoring & SOC Oversight

Oversee SOC operations, fine-tune SIEM alerting, define threat use cases, and measure SOC performance metrics.
Integrate threat intelligence feeds, SOAR workflows, and drive automation and incident response maturity.

5. Infrastructure & Brand Protection

Manage DNS security, DLP, anti-malware, secure email gateways, web filtering, and brand impersonation monitoring.
Ensure security of network infrastructure, WiFi, switches, routers, data centers, and hybrid IT environments.

6. Access & Identity Security

Implement and manage IAM, PAM, MFA, SSO, and Role-Based Access Control (RBAC) across cloud and on-prem platforms.
Conduct periodic access reviews, privilege escalation controls, and lifecycle management.

7. Regulatory Alignment & Governance

Ensure compliance with CBUAE regulations, PDPL, ISO 27001/27701, NIST CSF, CIS Controls and other global benchmarks.
Work closely with internal and external audit teams and regulatory examiners.

8. Technical Advisory & Cross-Functional Engagement

Collaborate with application, infrastructure, DevOps, and product teams to embed security by design.
Provide security guidance during solution architecture reviews, vendor onboarding, and project planning.

Key Requirements:

Minimum 10 years of progressive experience in cybersecurity, cloud security, and infrastructure protection roles.
Proven experience working in regulated BFSI environments (Banking, Financial Institutions, or Insurance).
Expertise in Microsoft Azure security, including Defender for Cloud, Azure AD, Key Vault, Network Security Groups, etc.
Solid experience in managing SOC/SIEM and security operations teams.
Strong background in network protocols, Linux/Windows hardening, virtualization, and cloud-native technologies.
Familiarity with BAS platforms, brand protection tools, and secure SDLC.
Relevant certifications such as CISSP, CCSP, CISM, Azure Security Engineer, OSCP, or equivalent.

Preferred Attributes:

Strong problem-solving skills, analytical mindset, and hands-on technical leadership.
Experience in cross-functional collaboration with senior stakeholders, IT, DevOps, and compliance teams.
Ability to write technical documentation, risk assessments, and security architecture reports.
Fluent understanding of Middle East banking regulations and data sovereignty considerations.

Education & Certifications:

Bachelor’s or Master’s degree in Computer Science, Information Security, or related field.
Industry certifications: CISSP, CISM, CCSP, Microsoft Certified: Azure Security Engineer, etc.

Apply