Cybersecurity Analyst

Location: Dubai

Instant payments? Personal finance products? Faster loan/credit applications from more accurate credit history? Buy now pay later? Crypto?

Did you know you\'re likely to have used Open Banking in everyday life within the above products without even realising? Once held exclusively by banks, personal financial data is now available for startups and developers to create new financial services and tools to benefit end users!

Well, at Tarabut we are enabling Open Banking in the MENA region, which is made up of over 550 million people! We are the first & largest Open Banking platform in MENA & already have a license in Bahrain, Dubai & Saudi Arabia where the banks are being made by the regulators to expose APIs. Think how much of an impact you could have, being part of the product mission for that region...

About the Cybersecurity team...

You\'ll get to work with some of the industry innovators in our Cybersecurity team, which will empower you to support developing market leading solutions.

We are seeking a highly motivated and skilled Cybersecurity Analyst to join our dynamic cybersecurity team. The Cybersecurity Analyst will play a critical role in monitoring, detecting, and responding to security incidents and threats to safeguard our organization\'s digital assets. This position requires a strong understanding of cybersecurity best practices, incident response procedures, and the ability to work effectively in a fast-paced security operations environment. You will be reporting to the Cybersecurity Lead, responsible for overseeing and guiding your work within the cybersecurity team as well as developing your technical and organisational skills.

It is essential to demonstrate a strong theoretical foundation in cybersecurity and possess analytical skills for proactive threat investigation and response. We seek team players that have low ego but high ambition.

What we are looking for from you...

This role will give you a broad exposure to Cybersecurity within a Fintech organisation, we do need you to have experience with:

• Incident Response: Participate in incident response activities, including detection, analysis, containment, eradication, and recovery. Coordinate with cross-functional teams to ensure timely and effective response to security incidents.
• SIEM: Use effectively the tools available to detect and respond, analyze and correlate events to protect the organization. Further create and refine custom correlation rules and alerts for improved detection.
• Malware Analysis: Where needed analyze and reverse-engineer malware samples to identify their capabilities, origins, and potential impact on the organization\'s infrastructure.
• Vulnerability Management: Leveraging an understanding of the vulnerability management lifecycle and previous experience in promptly addressing zero-day, critical, and high-severity vulnerabilities within established timeframes.

You\'re an even stronger fit if you have experience with:

• Application Security: A strong theoretical understanding and some practical experience in probing application-related security threats, with a particular emphasis on investigating OWASP Top 10 attacks.
• Email Security: Practical hands-on experience in investigating email security-related threats and the capability to modify email policies to proactively mitigate these threats.
• Network Security: Demonstrate hands-on expertise in the analysis of firewall and Intrusion Prevention System (IPS) logs.
• Identity Access Management: Previous experience working with cloud-based access management technologies (Single Sign-On (SSO), Conditional Access, Azure AD, OAuth 2.0, etc.) as well as resolving authentication incidents.
• Cloud Technologies: Demonstrate proficiency in cloud security (AWS, OCI, Azure, GCP) with a focus on the exploration and safeguarding of cloud-based assets.
• EDR: Previous experience working with (or implementing) EDR solutions to detect and mitigate advanced threats on endpoints.
• Operating Systems: Proficient hands-on experience in the analysis of various operating system logs, including Windows, Mac, and Linux.
• Forensics: Knowledge of digital forensics and the process of investigations to gather evidence, analyze security incidents, and support incident response efforts.
• CSPM: Manage Cloud Security Posture Management tools to ensure the security of cloud environments and compliance with industry standards.
• DevSecOps: Theoretical and practical experience working in a DevOps environment with a focus on security. An understanding of \xe2\x80\x9cshift-left" culture and its implications for cybersecurity.
• Frameworks: Utilize the MITRE ATT&CK framework (and others) to map and analyze threat actor techniques, tactics, and procedures (TTPs), enhancing threat detection and prevention capabilities.
• Procedures: Develop and maintain comprehensive Standard Operating Procedures (SOPs) for various security processes, ensuring consistent and efficient incident handling.
• Degree in the Cybersecurity or Information Technology domain.
• Hold one (or more) security qualifications/memberships e.g., CEH, GCIH, CSA, etc.
• Experience within the FinTech, payments, or Open Banking.
• Experience working with a remote-first company with distributed teams.
• Hold one (or more) vendor/cloud hosting security certifications e.g., AWS Security.

We don\'t expect you to meet every requirement so please still apply if you feel you are a match.

Join us if you want...

• To work for one of the top FinTech\'s in the MENA region you will have the opportunity to work on meaningful and impactful projects that have the potential to change the financial industry.
• The chance to build a product from scratch and make a difference.
• We value collaboration and teamwork at Tarabut Gateway. You will be working with a talented and diverse team of professionals who are passionate about creating innovative solutions in the FinTech industry. You will have the opportunity to learn from your colleagues and contribute to exciting projects.
• To work with an incredibly talented team, who have experience of scaling open banking platforms in other regions.
• A competitive compensation package (base + equity) with reviews every year
• Flexibility, do you prefer to work from the office or home it is completely up to you and what suits your lifestyle.
• Regular in person team socials every quarter where we always to the top local attractions.
• The chance to visit our diverse team based in Dubai, United Kingdom, Bahrain and Saudi Arabia.
• 28 days annually plus banks holidays, so you have plenty of time to enjoy life outside work.
• A chance to make an enormous impact and work in agile ways to achieve our goals.
• We are not just looking for people to fit into our culture we are looking for people to drive our culture.
• A choice of top of the range headphones as a welcome gift!

Diversity is one of our strengths...

We\'re a remote first company where team work and collaboration has no barriers. We embrace diversity and encourage talent who bring a range of perspectives to apply for our roles even if you do not match every requirement in the list above. Tarabut makes hiring decisions based on experience, aptitude, skill and sharing our company values. We will not discriminate with regards to any legally protected characteristics.

Tarabut Gateway