IT Security Engineer
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
SiFi is seeking a hands-on IT Security Engineer to execute security controls on production and corporate infrastructure.
Key Skills for This Role
Responsibilities
- Own technical remediation of infrastructure vulnerabilities across Windows, Linux, and network platforms
- Track Critical and High findings to closure within remediation SLAs
- Coordinate patching windows with SRE, application, and business owners
- Apply and maintain hardening baselines for servers, endpoints, network devices, and cloud workloads
- Maintain EDR, MDM, and DLP coverage across all in scope assets — identify and close gaps
- Remediate security gaps across server, endpoint, network, and cloud surfaces
- Investigate SOC and MDR cases that require action on infrastructure
- Determine root cause on the affected asset (server, endpoint, network, cloud)
- Apply technical fixes and close remediation actions in coordination with the SOC / MDR partner
- Onboard privileged accounts into the enterprise PAM platform
- Remediate privileged access gaps across infrastructure (shared accounts, standing access, weak credential handling)
- Support secure administrative access practices for SRE, DBAs, and infrastructure operators
Requirements
- 3–5 years in IT security operations, infrastructure security, or security engineering
- Hands on experience with Oracle Cloud Infrastructure (OCI) — security controls, IAM, network security, Cloud Guard (Must)
- Hands on experience with Qualys VMDR for vulnerability and patch management
- Hands on experience with ManageEngine Password Manager Pro (PMP) for privileged access management
- Hands on experience with ManageEngine Endpoint Central for endpoint management and patching
- Strong Linux and Windows server administration, hardening, and patching experience
- Working knowledge of identity and access management (Active Directory, MFA, RBAC, SoD principles)
- Ability to work across teams — this role sits in Technology but serves security objectives
- Strong written and verbal communication in English; Arabic is a plus
Full Job Posting
About SiFi
- SiFi is a Saudi B2B fintech licensed by the Saudi Central Bank (SAMA), delivering wallet, disbursement, and payment services to enterprises across the Kingdom on Oracle Cloud Infrastructure.
Purpose of the Role
- The Cybersecurity function sets security standards, monitors compliance, and reports to governance. The Technology department owns and operates the infrastructure those standards apply to. This role bridges the two — executing security controls on production and corporate infrastructure under the di
- This is a hands on technical role, not a policy or advisory position.
Core Responsibilities
- Vulnerability & Patch Remediation: Own technical remediation of infrastructure vulnerabilities across Windows, Linux, and network platforms.
- Track Critical and High findings to closure within remediation SLAs.
- Coordinate patching windows with SRE, application, and business owners.
- Infrastructure Security Operations: Apply and maintain hardening baselines for servers, endpoints, network devices, and cloud workloads.
- Maintain EDR, MDM, and DLP coverage across all in scope assets — identify and close gaps.
- Remediate security gaps across server, endpoint, network, and cloud surfaces.
- SOC / MDR Case Remediation: Investigate SOC and MDR cases that require action on infrastructure.
- Determine root cause on the affected asset (server, endpoint, network, cloud).
- Apply technical fixes and close remediation actions in coordination with the SOC / MDR partner.
- PAM & Privileged Access Implementation: Onboard privileged accounts into the enterprise PAM platform.
- Remediate privileged access gaps across infrastructure (shared accounts, standing access, weak credential handling).
- Support secure administrative access practices for SRE, DBAs, and infrastructure operators.
Assist Responsibilities
- Change Management: Raise security related change requests in the ITSM system.
- Attach security impact assessments, test results, and rollback evidence.
- Support emergency changes when a security incident requires accelerated execution.
- User Access Reviews: Extract access reports from infrastructure (AD, cloud, PAM, network devices).
- Implement approved access removals or modifications.
- Provide evidence of completion to the review owner.
- Segregation of Duties: Implement approved technical remediation on infrastructure.
- Support investigation of suspected violations on infrastructure assets.
- MDM Compliance: Identify non compliant or unenrolled devices.
- Coordinate enrollment and remediation with IT Support (primary owner).
- Application Security Remediation: Support remediation only when the fix requires infrastructure, IAM, network, cloud, or server changes.
Requirements
- 3–5 years in IT security operations, infrastructure security, or security engineering.
- Hands on experience with Oracle Cloud Infrastructure (OCI) — security controls, IAM, network security, Cloud Guard (Must)
- Qualys VMDR for vulnerability and patch management
- ManageEngine Password Manager Pro (PMP) for privileged access management
- ManageEngine Endpoint Central for endpoint management and patching
- Strong Linux and Windows server administration, hardening, and patching experience.
- Working knowledge of identity and access management (Active Directory, MFA, RBAC, SoD principles).
- Ability to work across teams — this role sits in Technology but serves security objectives.
- Strong written and verbal communication in English; Arabic is a plus.
- Preferred: Experience in a regulated financial institution or fintech environment.
- Familiarity with CIS Benchmarks or vendor hardening guides.
- Exposure to ITSM platforms (e.g. ManageEngine ServiceDesk Plus) for change and incident workflows.
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at SiFi
Tamheer Opportunity – Cyber Security Specialist
Riyadh, KSA
SiFi is seeking a Cyber Security Specialist for a Tamheer internship program. The role requires a Bachelor's degree in Cybersecurity or a related field, and involves understanding cybersecurity principles, using security
Infrastructure Manager
Riyadh, KSA
SiFi is hiring an Infrastructure Manager to lead the SRE team and drive infrastructure strategy. This hands-on role involves architecture decisions, incident management, security, and compliance with SAMA regulations. Ca
Customer Success Specialist
Riyadh, KSA
SiFi, a B2B FinTech company in Saudi Arabia, seeks a Customer Success Specialist to support customer onboarding, adoption, and satisfaction. The role involves assisting with account setup, responding to inquiries, gather
AML officer ( Saudi Nationality only)
Riyadh, KSA
SiFi, a FinTech company in Saudi Arabia, seeks an AML Officer to assist in developing and overseeing the AML program. Responsibilities include conducting CDD/EDD, monitoring transactions, preparing SARs, and maintaining
Cybersecurity GRC Specialist
Riyadh, KSA
SiFi seeks a Cybersecurity GRC Specialist to manage governance, risk, and compliance lifecycle, including SAMA CSF, PDPL/NDMO, and PCI-DSS compliance. The role requires 2+ years in a dedicated GRC role, hands-on SAMA CSF
Internal Audit Manager
Riyadh, KSA
SiFi seeks an Internal Audit Manager to coordinate internal audit activities, manage risk-based audit plans, and collaborate with external audit firms. The role requires 3-5 years of internal audit experience in regulate
Tamheer Opportunity – Internal Audit
Riyadh, KSA
SiFi is seeking a Saudi national for a Tamheer internship in Internal Audit. The role offers hands-on experience in audit, risk management, and governance. Ideal for recent graduates with a degree in Accounting, Finance,
Senior Data Engineer (Data & AI)
Riyadh, KSA
SiFi is looking for a Senior Data Engineer to define and scale the foundation of their data platform. You will design and own the data platform, modeling standards, and AI-ready infrastructure, ensuring accurate and trus
Tamheer Opportunity – Cyber Security Specialist
Riyadh, KSA
Infrastructure Manager
Riyadh, KSA
Customer Success Specialist
Riyadh, KSA
AML officer ( Saudi Nationality only)
Riyadh, KSA
Cybersecurity GRC Specialist
Riyadh, KSA
Internal Audit Manager
Riyadh, KSA
Tamheer Opportunity – Internal Audit
Riyadh, KSA
Senior Data Engineer (Data & AI)
Riyadh, KSA