{bc}
linkedin

Group Head of Security

CFI Financial Group
Dubai, UAE
Full Time
Director
3 weeks ago
ISO 27001NIST CSFCIS ControlsSOC 2DORAEBA Guidelines
Free

Job Fit Check

Base Career helps you apply smarter for this job.

?%
Ready to Scan

Key skills for this role

ISO 27001NIST CSFCIS Controls
Smart Apply

Full Job Posting

Description

  • We’re seeking a Head of Security to lead and develop our cybersecurity function as an independent structure reporting directly to the CEO.
  • This role requires a unique blend of offensive security expertise, hands on engineering background, and the ability to implement pragmatic security controls that guard rather than block business velocity.
  • You’ll work closely with the CTO and technology teams to build security into our delivery pipeline while preparing the organization for regulatory compliance in financial services.

Key Responsibilities

  • Build security frameworks based on ISO 27001, NIST CSF, CIS Controls, and SOC 2, Ensure compliance with DORA, EBA Guidelines, ISO 27001
  • Implement information security governance structure, policies, and risk management processes
  • Establish and maintain security metrics, KPIs, and reporting for executive leadership
  • Secure Perimeter & Infrastructure Protection Design and implement network segmentation and secure perimeter architecture
  • Collaborate with development teams to establish secure SDLC practices: Integrate security into CI/CD pipelines with automated quality gates (SAST, DAST, SCA, container scanning, application security tools)
  • Conduct penetration testing and API security assessments using Kali Linux, Metasploit, Burp Suite, and other offensive security tools
  • Provide hands on remediation guidance that developers can implement

Requirements

  • Required Certifications (minimum 2): Offensive Security (OSCP, OSCE, GPEN, or CEH), Security Management (CISSP or CISM), Cloud Security (CCSP, AWS Security Specialty, or Azure Security Engineer), Audit (CISA)
  • 8+ years in information security roles
  • 3+ years in security leadership positions
  • Mandatory: Experience in regulated financial services (banking, brokerage, payments, fintech)
  • Hands on penetration testing and vulnerability assessment experience
  • Development or DevOps background with practical coding experience
  • Successfully implemented DevSecOps practices and security automation
  • Experience with regulatory audits and compliance assessments

Required Technical Skills

  • Offensive security tools: Kali Linux, Metasploit, Burp Suite, Nmap, Wireshark, SQLMap
  • Programming: Proficient in Python (preferable) or at least one other language
  • Scripting: Mandatory proficiency in Bash, Zsh, and PowerShell
  • Pragmatic security mindset: Balance security with business enablement
  • Collaborative leadership: Build trust with engineering teams
  • Strong communication: Translate security risks into business impact

Nice to Have

  • Experience with trading platforms, payment systems, or financial infrastructure
  • Knowledge of AI/ML/LLM security considerations
  • Familiarity with MT5, trading APIs, payment processing systems

Why join CFI?

  • We’re a fast growing, multinational company
  • Competitive salaries and benefits
  • Work and learn with industry professionals
  • Supportive and collaborative environment
  • Unlimited opportunities for growth and development

Apply for this job in 1 click

Skip the repetitive application forms

Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.

Sarah M.James T.Maya R.

Trusted by over 500,000 job seekers on Base Career

Start Free Today

More from this employer

More jobs at CFI Financial Group