IT Security Engineer

About the Company

SiFi is a Saudi B2B fintech company authorized by the Saudi Central Bank (SAMA). It provides wallet, disbursement, and payment solutions to businesses across Saudi Arabia using Oracle Cloud Infrastructure.

Role Purpose

The cybersecurity team defines security standards, checks compliance, and escalates results to governance. Technology owns the infrastructure that must follow those standards. This position sits between the two functions and carries out security controls on production and corporate infrastructure under Technology’s direction, with the goal of improving security posture and meeting SAMA Cybersecurity Framework requirements.

This is a practical, hands-on technical position rather than a policy, governance, or advisory role.

Key Responsibilities

In this role, you will focus on fixing vulnerabilities and strengthening infrastructure security across server, endpoint, network, and cloud environments. You will also work with SOC/MDR findings, privileged access controls, cloud security controls, and backup/restore security validation.

• Take ownership of remediation for infrastructure vulnerabilities affecting Windows, Linux, and network platforms.
• Drive Critical and High-risk findings to closure within the agreed remediation timelines.
• Plan and coordinate patching schedules with SRE, application teams, and business stakeholders.
• Implement and maintain hardening standards for servers, endpoints, network devices, and cloud workloads.
• Ensure EDR, MDM, and DLP coverage remains complete across all in-scope assets and close any coverage gaps.
• Resolve security weaknesses across server, endpoint, network, and cloud layers.
• Review SOC and MDR cases that require action on infrastructure assets.
• Analyze the root cause on the impacted server, endpoint, network device, or cloud asset.
• Apply technical corrective actions and close remediation items in coordination with the SOC/MDR partner.
• Enroll privileged accounts into the enterprise PAM solution.
• Address privileged access weaknesses such as shared accounts, persistent access, and poor credential handling.
• Support secure administration practices for SREs, database administrators, and infrastructure teams.
• Operate OCI security capabilities including IAM policies, network security lists, and security zones.
• Review and remediate OCI Cloud Guard alerts on an ongoing basis.
• Support secure cloud configuration during build and change activities.
• Maintain technical security controls over backup and restore infrastructure, including access control, encryption, immutability, and segmentation.
• Check that backup repositories and restore targets remain hardened and that restored systems are returned to baseline before being released.
• Perform security validation during restore testing, including backup integrity checks, tamper detection, and confirming recovered systems are safe to return to service.

Supporting Responsibilities

You will also assist with certain processes that are owned by other teams. In these cases, your role is limited to execution where infrastructure access or change is needed.

• Submit security-related change requests in the ITSM tool.
• Attach impact assessments, testing outcomes, and rollback proof to the change record.
• Assist with emergency changes when a security incident requires faster execution.
• Pull access reports from infrastructure sources such as AD, cloud, PAM, and network devices.
• Carry out approved removals or changes to access rights.
• Provide completion evidence to the review owner.
• Implement approved technical fixes related to suspected segregation-of-duties issues on infrastructure assets.
• Support investigations into possible SoD violations on infrastructure.
• Identify devices that are not compliant or not enrolled under MDM.
• Coordinate enrollment and remediation with the IT Support team.
• Support application security remediation only when the required fix involves infrastructure, IAM, network, cloud, or server changes.

Requirements

This role calls for 3 to 5 years of experience in IT security operations, infrastructure security, or security engineering.

• Practical experience with Oracle Cloud Infrastructure, including security controls, IAM, network security, and Cloud Guard.
• Experience using Qualys VMDR for vulnerability management and patch coordination.
• Hands-on exposure to ManageEngine Password Manager Pro for privileged access management.
• Experience with ManageEngine Endpoint Central for endpoint management and patching.
• Strong administration, hardening, and patching skills for Linux and Windows servers.
• Working knowledge of identity and access management concepts such as Active Directory, MFA, RBAC, and SoD.
• Ability to collaborate across teams while supporting security goals from within Technology.
• Strong written and spoken English communication skills; Arabic would be an advantage.
• Preferred: experience in a regulated financial institution or fintech environment.
• Preferred: familiarity with CIS Benchmarks or vendor hardening guidance.
• Preferred: exposure to ITSM platforms such as ManageEngine ServiceDesk Plus for change and incident workflows.

Additional Information

The role is based in Riyadh, Saudi Arabia, and is a full-time onsite position.

This position is focused on implementation and remediation work. It does not own BCP or DR strategy, RTO/RPO planning, or backup operations. It also does not own change management, access review governance, SoD policy, endpoint support ownership, or application code remediation.

The role requires coordination with SRE, application owners, business owners, SOC/MDR partners, IT Support, and governance owners as needed.