Group Head of Security
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
CFI Financial Group seeks a Head of Security to lead cybersecurity, combining offensive security expertise with hands-on engineering. The role builds security frameworks, ensures compliance, and integrates security into CI/CD pipelines.
Key Skills for This Role
Responsibilities
- Build security frameworks based on ISO 27001, NIST CSF, CIS Controls, and SOC 2, ensuring compliance with DORA, EBA Guidelines, ISO 27001.
- Implement information security governance structure, policies, and risk management processes.
- Establish and maintain security metrics, KPIs, and reporting for executive leadership.
- Design and implement network segmentation and secure perimeter architecture.
- Collaborate with development teams to establish secure SDLC practices: Integrate security into CI/CD pipelines with automated quality gates (SAST, DAST, SCA, container scanning, application security tools).
- Conduct penetration testing and API security assessments using Kali Linux, Metasploit, Burp Suite, and other offensive security tools.
- Provide hands on remediation guidance that developers can implement.
Requirements
- Required Certifications (minimum 2): Offensive Security (OSCP, OSCE, GPEN, or CEH), Security Management (CISSP or CISM), Cloud Security (CCSP, AWS Security Specialty, or Azure Security Engineer), Audit (CISA)
- 8+ years in information security roles
- 3+ years in security leadership positions
- Experience in regulated financial services (banking, brokerage, payments, fintech)
- Hands on penetration testing and vulnerability assessment experience
- Development or DevOps background with practical coding experience
- Successfully implemented DevSecOps practices and security automation
- Experience with regulatory audits and compliance assessments
- Proficiency in Python or at least one other programming language
- Mandatory proficiency in Bash, Zsh, and PowerShell
Full Job Posting
Description
- We’re seeking a Head of Security to lead and develop our cybersecurity function as an independent structure reporting directly to the CEO.
- This role requires a unique blend of offensive security expertise, hands on engineering background, and the ability to implement pragmatic security controls that guard rather than block business velocity.
- You’ll work closely with the CTO and technology teams to build security into our delivery pipeline while preparing the organization for regulatory compliance in financial services.
Key Responsibilities
- Build security frameworks based on ISO 27001, NIST CSF, CIS Controls, and SOC 2, Ensure compliance with DORA, EBA Guidelines, ISO 27001
- Implement information security governance structure, policies, and risk management processes
- Establish and maintain security metrics, KPIs, and reporting for executive leadership
- Secure Perimeter & Infrastructure Protection Design and implement network segmentation and secure perimeter architecture
- Collaborate with development teams to establish secure SDLC practices: Integrate security into CI/CD pipelines with automated quality gates (SAST, DAST, SCA, container scanning, application security tools)
- Conduct penetration testing and API security assessments using Kali Linux, Metasploit, Burp Suite, and other offensive security tools
- Provide hands on remediation guidance that developers can implement
Requirements
- Required Certifications (minimum 2): Offensive Security (OSCP, OSCE, GPEN, or CEH), Security Management (CISSP or CISM), Cloud Security (CCSP, AWS Security Specialty, or Azure Security Engineer), Audit (CISA)
- 8+ years in information security roles
- 3+ years in security leadership positions
- Mandatory: Experience in regulated financial services (banking, brokerage, payments, fintech)
- Hands on penetration testing and vulnerability assessment experience
- Development or DevOps background with practical coding experience
- Successfully implemented DevSecOps practices and security automation
- Experience with regulatory audits and compliance assessments
Required Technical Skills
- Offensive security tools: Kali Linux, Metasploit, Burp Suite, Nmap, Wireshark, SQLMap
- Programming: Proficient in Python (preferable) or at least one other language
- Scripting: Mandatory proficiency in Bash, Zsh, and PowerShell
- Pragmatic security mindset: Balance security with business enablement
- Collaborative leadership: Build trust with engineering teams
- Strong communication: Translate security risks into business impact
Nice to Have
- Experience with trading platforms, payment systems, or financial infrastructure
- Knowledge of AI/ML/LLM security considerations
- Familiarity with MT5, trading APIs, payment processing systems
Why join CFI?
- We’re a fast growing, multinational company
- Competitive salaries and benefits
- Work and learn with industry professionals
- Supportive and collaborative environment
- Unlimited opportunities for growth and development
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at CFI Financial Group
Community Manager- Crypto
Dubai, UAE
CFI Financial Group seeks a Community Manager – Crypto to manage and grow online communities on Telegram, Discord, and Twitter. Responsibilities include engaging with members, monitoring discussions, organizing activitie
SEO and ASO Manager
Dubai, UAE
CFI Financial Group is looking for an SEO & ASO Manager to own organic growth across web and mobile. The role involves technical SEO, content strategy, app store optimization, and GEO/LLM search visibility. Candidates mu
Backoffice Officer
Dubai, UAE
CFI Financial Group is hiring a Backoffice Officer in Dubai to handle client onboarding, KYC validation, and support sales and compliance teams. The role requires a Bachelor's degree and no prior experience, with good Mi
Lead Software Engineer (Python)
Dubai, UAE
CFI Financial Group is hiring a Backend Technical Lead (Python) in Dubai to develop features, define technical specs, and ensure software quality. The role requires 4+ years of Python experience, 1+ year as a Technical L
Fixed Income Electronic Trading Lead
Dubai, UAE
CFI Financial Group is seeking a Fixed Income Electronic Trading Lead to lead the electronic trading project from planning through go-live. The role involves configuring fixed income instruments, managing pricing feed in
Python Developer - Crypto
Dubai, UAE
CFI Financial Group is an award-winning global trading provider with more than 25 years of experience, operating across multiple offices worldwide including London, Larnaca, Beirut, Amman, Dubai, Kuwait, Port Louis, and
System Analyst Team Lead
Dubai, UAE
Who are we? CFI Financial Group is an award-winning trading provider, possessing more than 25 years of experience with multiple offices around the world including London, Larnaca, Beirut, Amman, Dubai, Port Louis, and ot
Group Head of Security
Dubai, UAE
Who are we? CFI Financial Group is an award-winning trading provider, possessing more than 25 years of experience with multiple offices around the world including London, Larnaca, Beirut, Amman, Dubai, Kuwait, Port Louis
Community Manager- Crypto
Dubai, UAE
SEO and ASO Manager
Dubai, UAE
Backoffice Officer
Dubai, UAE
Lead Software Engineer (Python)
Dubai, UAE
Fixed Income Electronic Trading Lead
Dubai, UAE
Python Developer - Crypto
Dubai, UAE
System Analyst Team Lead
Dubai, UAE
Group Head of Security
Dubai, UAE