Cybersecurity Lead

Location: Dubai or UK (Remote working)

Instant payments? Personal finance products? Faster loan/credit applications from more accurate credit history? By now pay later? Crypto?

Did you know you\'re likely to have used Open Banking in everyday life within the above products without even realising? Once held exclusively by banks, personal financial data is now available for startups and developers to create new financial services and tools to benefit end users!

Well, at TG we are enabling Open Banking in the MENA region, which is made up of over 550 million people! We are the first & largest Open Banking platform in MENA & already have a license in Bahrain, Dubai & Saudi Arabia where the banks are being made by the regulators to expose APIs. Think how much of an impact you could have, being part of the product mission for that region...

About the Cybersecurity team...

We\'re looking for a hands-on and proactive Cybersecurity Lead with an analytical mind, and a detailed understanding of cybersecurity controls and methodologies. You will be expected to have meticulous attention to detail, pragmatic problem-solving skills, work comfortably under pressure, and deliver on business as usual as well as implementation projects. Reporting to the Head of Information Security you will be a key member of the wider Information Security Team responsible for leading Cybersecurity on a day-to-day basis.

To ensure success you must display an excellent theoretical understanding of cybersecurity as well as the practical hands-on experience in implementation and application of controls. Working with Information Security team members, and across technology teams you will be responsible for the implementation, maintenance, and improvement of the organisation\'s security posture through effective management of cybersecurity people, processes, and technology.

At TG, we\'re building a culture of continuous professional growth, engineering excellence, and building great relationships with colleagues along the way. We seek team players that have low ego but high ambition.

We\'ll need you to...

• Lead cybersecurity as a hands-on technical leader, mentoring individuals, guiding and implementing continuous control and technology improvements.
• Provide technical security advisory by having an excellent understanding of how modern applications are designed, developed, and deployed across different cloud platforms.
• Evangelise security across the business by developing knowledge articles and standard operating procedures that assist the team and business staff in operating securely. Foster relationships across engineering to lead the incorporation security principles and responsibilities into the product engineering lifecycle (\xe2\x80\x9cshift-left\xe2\x80\x9d and DevSecOps).
• Project manage the implementation of detective, preventative and corrective security controls to embed the organisation\'s security frameworks, policies, standards, and procedures effectively.
• Have experience working in/leading security operations; configure the ingestion of data and events, alerting, automation, author/communicate/improve procedures for the effective investigation and response to system and service events/incidents.
• Have practical experience in security incident response, digital forensics investigations, and wargames/ tabletop exercises. You may have dealt with a major security breach in the past to gain this knowledge.
• Proficiency with common cybersecurity tools and technologies with a proactive attitude to learning the existing toolset quickly (VM, SIEM, CNAPP, EDR, WAF, IPS, etc.).
• Understand all technical areas of cybersecurity; especially SOC, vulnerability management, application/API, endpoint, network, CI/CD, and cloud hosting.
• Have a good understanding of penetration testing methodologies (OWASP, OSSTMM, ISSAF, PTES etc.), the tools and techniques involved, as well as reporting and remediation practices.
• Assist GRC team members to help document security controls as part of the organisation\'s ISMS, audit technical areas of the business, and respond to commercial requests for information.

• 5+ years of experience in a senior cybersecurity engineer role looking for the next step in leading a team.
• A strong knowledge of current cybersecurity threats, trends, and mitigation strategies.
• Have experience working in a software engineering organisation in a regulated industry and certified to international security standards (ISO 27001).
• Degree in the Cyber/Information Security domain.
• Hold one (or more) security qualifications/memberships e.g., CISSP, CISM etc.
• Experience within the FinTech, payments, or Open Banking.

• Experience working with a remote-first company with distributed teams.
• Experience setting up and managing a SOC.
• Experience of performing penetration testing having worked for a consultancy.
• Hold one (or more) vendor/cloud hosting security certifications e.g., AWS Security.

We don\'t expect you to meet every requirement so please still apply if you feel you are a match.

Join us if you want...

• To work for one of the top FinTech\'s in the MENA region you will have the opportunity to work on meaningful and impactful projects that have the potential to change the financial industry.
• The chance to build a product from scratch and make a difference.
• We value collaboration and teamwork at Tarabut Gateway. You will be working with a talented and diverse team of professionals who are passionate about creating innovative solutions in the FinTech industry. You will have the opportunity to learn from your colleagues and contribute to exciting projects.
• To work with an incredibly talented team, who have experience of scaling open banking platforms in other regions.
• A competitive compensation package (base + equity) with reviews every year
• Flexibility, do you prefer to work from the office or home it is completely up to you and what suits your lifestyle.
• Regular in person team socials every quarter where we always to the top local attractions.
• The chance to visit our diverse team based in Dubai, United Kingdom, Bahrain and Saudi Arabia.
• 28 days annually plus banks holidays, so you have plenty of time to enjoy life outside work.
• A chance to make an enormous impact and work in agile ways to achieve our goals.
• We are not just looking for people to fit into our culture we are looking for people to drive our culture.
• A choice of top of the range headphones as a welcome gift!

Diversity is one of our strengths...

We\'re a remote first company where team work and collaboration has no barriers. We embrace diversity and encourage talent who bring a range of perspectives to apply for our roles even if you do not match every requirement in the list above. TG makes hiring decisions based on experience, aptitude, skill and sharing our company values. We will not discriminate with regards to any legally protected characteristics.

Tarabut Gateway