Senior Cybersecurity Expert
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
Location: Abu Dhabi, UAE About Us A leading UAE-based consumer technology company, building the digital infrastructure of everyday life with a focus on AI-powered fintech, communication, and digital services.
Key Skills for This Role
Full Job Posting
About Us
A leading UAE-based consumer technology company, building the digital infrastructure of everyday life with a focus on AI-powered fintech, communication, and digital services.
Guided by our philosophy, the Blueprint of Simplicity, we design technology around real human behavior, connecting people, enabling financial access, and making everyday experiences effortless.
Our flagship platform, botim, is the region’s most trusted fintech communication platform, combining secure VoIP with action-based AI and everyday money tools.
Through botim money, we provide financial services that serve both individuals and SMEs, making payments, transfers, and credit simpler and more accessible.
Today, the platform serves 150M+ users worldwide.
Our lending finance engine, Quantix, powers fast, regulated credit across the ecosystem, including innovative products such as CashNow for instant access.
From calls to credit, from daily services to big ambitions, we are rethinking how the region stays connected and financially included.
Role Summary
- We are seeking a hands-on Senior Cybersecurity Engineer with deep expertise in offensive security, secrets management, and secure platform engineering.
- This Role Focuses On Advanced Technical Execution, Including
- Red/Blue team operations
- Enterprise-grade Key & Secrets Management (PAM / HSM / Key Vault)
- DevSecOps security integration
- Infrastructure & application-level resilience (DR / security validation)
- The ideal candidate is a technical expert, capable of designing and implementing security controls, validating them through adversarial testing, and integrating them into modern cloud-native environments.
• Offensive Security & Adversarial Simulation
- Conduct Red Team operations, including:
- Initial access, lateral movement, privilege escalation
- Active Directory attack paths and identity compromise
- Support and enhance Blue Team detection capabilities
- Perform attack simulation & purple teaming to validate detection and response
- Develop custom attack scripts/tools for advanced scenarios
• Secrets & Key Management (Core Focus)
- Design and implement enterprise-grade secrets management architecture, including:
• PAM (Privileged Access Management)
- Cloud Key Management (Azure Key Vault / AWS KMS)
- HSM-backed key protection
- Define and enforce:
- Key lifecycle management (generation, rotation, revocation)
- Secure storage and usage of credentials, API keys, certificates
- Integrate secrets management into applications and CI/CD pipelines
- Identify and eliminate hardcoded secrets / credential leakage risks
• DevSecOps & Secure Engineering
- Integrate security into CI/CD pipelines:
- SAST, DAST, SCA, IaC scanning
- Implement policy-as-code and automated security gates
- Secure container and artifact pipelines (e.g., Docker, Kubernetes, registries)
- Work closely with engineering teams to embed security controls by design
• Infrastructure Security & DR Validation
- Design and execute Disaster Recovery (DR) and Resilience Testing, including:
- Infrastructure-level DR (cloud / network / identity)
- Application-level failover and recovery validation
- Validate security controls under failure scenarios
- Identify weaknesses in backup, recovery, and high availability design
• Security Assessment & Architecture Review
- Perform deep technical assessments:
- Cloud security (Azure / AWS)
- Network and system architecture
- Identity and access management
- Data protection mechanisms
- Provide actionable remediation guidance based on real attack paths
• Security Research & Continuous Improvement
- Track emerging threats, vulnerabilities, and exploitation techniques
- Conduct internal research on:
- Attack techniques
- Detection evasion
- Cloud-native attack vectors
- Produce technical documentation, advisories, and internal knowledge sharing
Technical Requirements
- Offensive Security
- Strong experience in:
- Web vulnerabilities (SQLi, XSS, SSRF, RCE, IDOR)
- System/network penetration (Windows/Linux)
- Active Directory attacks (Kerberos abuse, delegation, etc.)
- Familiar with tools:
• Burp Suite, Metasploit, Nmap, Nessus
- Cobalt Strike (or equivalent) – preferred
• Secrets & Cryptography (Critical)
- Hands-on experience with:
- PAM solutions
• Azure Key Vault And AWS KMS
- HSM-based key protection
- Understanding of:
- Cryptographic key lifecycle
- Certificate management (TLS/mTLS)
- Secure key usage patterns in applications
- DevSecOps
- Experience integrating:
- SAST / DAST / SCA tools
- CI/CD pipelines (Azure DevOps, GitHub Actions, Jenkins)
- Familiar with:
- Container security (Docker / Kubernetes)
- IaC security (Terraform, ARM, etc.)
• Programming And Scripting
- Proficiency in at least one:
- Python / Go / JavaScript / Bash
- Ability to develop security tools or automation scripts
Qualification Requirements
- Bachelor’s degree or above in Computer Science, Information Security, or related field
- 5+ years of hands-on cybersecurity engineering experience
- Strong experience in penetration testing, red teaming, or security engineering
- Familiar with security frameworks:
• OWASP, NIST, ISO 27001
- Experience in regulated environments (PCI-DSS, NESA) is a plus
Preferred Certifications
- OSCP (highly preferred)
- CEH
- Security+
- CISA (optional, not core)
Key Characteristics (Important)
- Strong hands-on technical depth, not just advisory
- Ability to break and build systems
- Security engineering mindset (not compliance-driven)
- Able to work independently on complex technical problems
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at Astra Tech
Manager- Customer Service
Dubai, UAE
Astra Tech seeks a Customer Service Manager in Dubai to oversee high-volume call centre and digital support operations in fintech. The role involves queue management, capacity planning, root cause analysis, and VoC insig
Java Developer
Abu Dhabi, UAE
Astra Tech is looking for a Java Developer to build and maintain Java-based credit risk systems for financial credit scenarios. The role involves designing high-availability APIs, integrating risk rules and ML models, an
Java Developer
Abu Dhabi, UAE
Astra Tech seeks a Java Developer to build and maintain credit risk systems for financial credit scenarios in Abu Dhabi. The role involves designing high-availability APIs, developing rule engines, integrating ML models,
Senior QA Engineer (Risk Management & Automation Testing)
Abu Dhabi, UAE
Astra Tech is seeking a Senior QA Engineer to design and execute test strategies with a focus on risk-based testing and automation for fintech systems. The role involves developing automation frameworks, performing perfo
Partnerships Manager – Consumer Products
Dubai, UAE
Astra Tech seeks a Partnerships Manager to drive customer engagement and product growth through strategic partnerships for consumer financial products in Dubai. The role involves sourcing, negotiating, and managing partn
L2 IT Support Engineer
Dubai, UAE
Astra Tech seeks an L2 IT Support Engineer to manage enterprise IT environment, provide advanced technical support, and administer Microsoft 365, Azure, networking, and enterprise applications. Requires 4+ years of IT su
Business Operations Manager
Abu Dhabi, UAE
Astra Tech seeks a Business Operations Manager to act as business PMO for the lending business, driving operational initiatives and coordinating cross-functional projects. Requires 5+ years in business operations or prog
Risk Systems & Strategy Deployment Manager
Abu Dhabi, UAE
We are looking for a Risk System and Strategy Deployment Manager to own credit risk systems and bridge Risk Strategy, Engineering, and Operations teams. The role involves deploying credit risk policies, monitoring perfor
Manager- Customer Service
Dubai, UAE
Java Developer
Abu Dhabi, UAE
Java Developer
Abu Dhabi, UAE
Senior QA Engineer (Risk Management & Automation Testing)
Abu Dhabi, UAE
Partnerships Manager – Consumer Products
Dubai, UAE
L2 IT Support Engineer
Dubai, UAE
Business Operations Manager
Abu Dhabi, UAE
Risk Systems & Strategy Deployment Manager
Abu Dhabi, UAE