Skip to content

Security Engineer

Job Title: Security Engineer

Department: Information Security

Reports to: Senior Security Architect

Role Overview:

We are seeking an experienced Security Engineer to join Simpaisa Holdings, a multi-jurisdiction cross-border payments and remittances company operating across the Middle East and South Asia. The ideal candidate will be responsible for implementing, maintaining, and monitoring the organisation's security systems and infrastructure, encompassing firewalls, IDS/IPS, SIEM, endpoint detection, and vulnerability management tooling. Strong expertise in security technologies, SOC operations, and incident response, ensuring the protection of the organisation from cyber threats across all operating jurisdictions, is essential. Expertise in agile methodologies and collaborating with development and operations teams is also preferable.

Key Responsibilities:

  • Implement, configure, and manage security technologies and tools, such as firewalls, intrusion detection/prevention systems (IDS/IPS), antivirus software, endpoint detection and response (EDR) solutions, and security information and event management (SIEM) systems.
  • Operate and maintain SOC capabilities, including 24/7 monitoring of security alerts and events across payment processing infrastructure, analysing potential threats, and responding to security incidents according to established procedures.
  • Conduct vulnerability assessments and penetration testing to identify security weaknesses in payment systems, APIs, and applications.
  • Develop and maintain security policies, procedures, and standards in collaboration with the Senior Security Architect, aligned with PCI-DSS, ISO 27001, and SWIFT CSP requirements.
  • Administer user access and permissions to systems and applications based on the principle of least privilege, with particular attention to payment processing and settlement systems.
  • Perform security audits and compliance checks to ensure adherence to internal policies and external regulations (DFSA, SBP, SAMA, PCI-DSS, AML/CTF).
  • Manage vulnerability scanning and remediation workflows, tracking findings through to resolution across all environments.
  • Provide security awareness training and guidance to employees on security best practices, including phishing simulations and social engineering awareness.
  • Stay up-to-date with the latest security threats, vulnerabilities, and attack techniques relevant to the fintech and payments sector.
  • Troubleshoot security issues and provide technical support to users and other technology teams.
  • Participate in the planning and implementation of security enhancements and upgrades, including Bitbucket pipeline security controls.

Required Skills and Experience:

  • Agile: Awareness of agile principles and experience working with agile teams to implement security controls.
  • Communication: Good written and verbal communication skills with the ability to articulate technical security issues and solutions clearly.
  • Strategy and Planning: Ability to understand and follow security implementation plans. Strong organisational skills for managing security tasks and priorities across multiple jurisdictions.
  • Leadership & Influence Skills: Ability to take ownership of security tasks and contribute to the overall security posture of the organisation.
  • Problem-solving and Analytical skills: Strong problem-solving and analytical skills to diagnose and resolve security incidents and implement effective security controls.
  • Security Engineering Expertise: Solid understanding of security principles and technologies. Experience with SIEM platforms (e.g., Splunk, Sentinel, Elastic Security), EDR tools, vulnerability scanners (e.g., Nessus, Qualys), and cloud security (AWS). Knowledge of network protocols, operating systems, and system administration from a security perspective. Familiarity with scripting languages for automation (e.g., Python, Bash). Familiarity with PCI-DSS controls and ISO 27001 requirements. Relevant security certifications (e.g., Security+, CEH, CySA+) are a plus.
  • Teamwork and Collaboration: Ability to work effectively in a collaborative team environment across geographically distributed teams.

General Requirements for the Role:

  • Bachelor's Degree in related field: A bachelor's degree in Information Security, Computer Science, Engineering, or a related field is required.
  • 3+ years of experience in information security operations: Minimum of 3 years of progressive experience in implementing and managing security systems and responding to security incidents, preferably within financial services or payments.
  • Experience with security tools and technologies: Demonstrated experience in working with and managing SIEM, EDR, vulnerability management, and other security technologies.
  • Proven track record of contributing to a secure environment: A verifiable history of contributing to the security of IT systems and data in a regulated environment.

Benefits and Perks:

  • Competitive salary and comprehensive benefits package.
  • Opportunity to work with cutting-edge payments and fintech solutions and collaborate with skilled professionals across multiple markets.
  • Professional development and training opportunities, including security certification sponsorship.
  • Inclusive company culture that values diversity and innovation.