Overview:
Avrioc Technologies, headquartered in Abu Dhabi, UAE, specializes in developing applications, software, games, and AI models that enhance daily experiences. Its offerings include CBUAE Licensed Fintech solution, AI-driven products, indoor cycling platform, VoIP application and freelance platform. The company is dedicated to innovation and continuous growth, aiming to transform ordinary experiences into extraordinary ones.
The Cybersecurity Lead will report directly to the CISO and will focus on cloud security, application security, incident response and red teaming. This role involves driving cross-functional collaboration, managing a team of security professionals, and ensuring the organization’s security posture remains robust and proactive against emerging threats.
Responsibilities:
- Execute cybersecurity strategies for Cloud environment (AWS), Applications, and related services.
- Collaborate with cross-functional teams, including DevOps, IT, and software development, to embed security across all processes.
- Implement, and maintain of cloud security controls, ensuring compliance with best practices such as AWS CSPM.
- Drive initiatives to secure cloud-native applications and infrastructure, aligning with business goals.
- Lead efforts to design and maintain secure application architectures, integrating security into all stages of development.
- Establish and oversee secure code review processes to identify vulnerabilities early in the software development lifecycle.
- Champion the adoption of security-by-design principles and secure development frameworks.
- Conduct red teaming exercises to proactively identify and mitigate potential security weaknesses.
- Execute incident response processes, ensuring timely detection, containment, and remediation of security incidents.
- Conduct post-incident reviews and implement actionable improvements to strengthen defences.
- Direct and oversee vulnerability assessment and penetration testing (VAPT) programs, ensuring timely identification and mitigation of risks.
- Manage software supply chain security initiatives, focusing on dependency management and third-party software assessments.
- Administer Web Application Firewalls (WAF) to protect against evolving threats.
- Implement and optimize API security measures to safeguard integrations and data exchange.
- Continuously evaluate and enhance the organization’s cybersecurity tools and processes.
- Ensure the organization’s security practices align with CBUAE Cyber Security requirements, ISO 27001, ISO 20000, UAE IA, GDPR, PCI DSS, and other applicable regulatory standards.
Qualifications:
- Bachelor’s or master’s degree in information technology or computer science.
- Any industry-leading cybersecurity certifications (CISSP, CISM, CCSP, CASP+, OSCP, Security+).
- 8–12 years of experience in cybersecurity roles, with at least 3–5 years in a team management position.
- Proven experience managing cloud security, application security architecture, and incident response programs.
- Hands-on experience with red teaming, secure code review, and vulnerability management.
- Strong understanding of cloud security frameworks and tools (e.g., AWS CSPM).
- Expertise in API security, WAF management, and secure software development practices.
- Ability to work collaboratively with cross-functional teams and influence decision-making.
