Senior Cybersecurity Engineer

Our Company

NymCard's mission is to enable fintech and financial innovators to launch frictionless payment programmes with our modern infrastructure, at record speed. Our open API modern card issuing platform provides flexibility and control to issue cards, authorise transactions, and manage payment operations with just one integration and one partner.

We are a team of industry experts and technology innovators who take a dynamic approach to solving complex industry challenges. NymCard has an open and collaborative work environment, and together we make up the NymCardian Nation. We power possibilities for our customers AND each other by bringing the best talent together to do the best quality work we can.

By staying true to our core values: Respect, Transparency, Collaboration, Quality, Speed, Courage, NymCards strives to build a diverse global team that reflects the markets we serve. It is an exciting time to join NymCard. As our business grows, so do your opportunities. To learn more about NymCard, visit our Website and LinkedIn.

The Role

The Information Security Engineer plays a crucial role in safeguarding the organization's information assets by maintaining the confidentiality, integrity, and availability of critical data. They are responsible for implementing and managing security measures, conducting assessments, mitigating vulnerabilities, and responding to security incidents. The engineer works closely with cross-functional teams to identify threats, deploy controls, and fortify systems, networks, and data against cyber threats.

Main Duties And Responsibilities

• Collaborate with the Information Security head to analyze and identify risks and vulnerabilities.
• Design and implement relevant security changes where feasible.
• Analyse regulatory security requirements across GCC as needed.
• Participate in the design and security acceptance of new infrastructure and platform initiatives.
• Conduct regular internal and external vulnerability scans and advise DevOps teams on priorities.
• Organize penetration tests according to policies and procedures.
• Support security audits focusing on automated and infrastructure audits (IAC security), cloud services, Terraform, Kubernetes, etc.
• Lead remediation efforts for audit, scan, and pen-test findings in collaboration with technology teams.
• Manage installation, configuration, and maintenance of security applications like AV, SIEM, DLP, FIM.
• Promote security awareness within the technology team and act as an InfoSec ambassador.
• Assist with source code security reviews for various development languages.

• Degree in Engineering or IT-related field
• At least 3 years of experience in Information Security engineering
• Knowledge of security frameworks and practices; PCI-DSS experience is a plus
• Experience with infrastructure security tools (WAFs, IDS/IPS, NextGen Firewall)
• Experience with security tools like Antivirus, FIM, SIEM (Wazuh/OSSEC), IAM
• Knowledge of Kubernetes, Docker Swarm, or similar
• Excellent communication skills, both written and verbal
• Strong interpersonal and organizational skills; team player
• Positive attitude, flexible approach
• Analytical, detail-oriented, quick learner
• Problem-solving skills and proactive thinking
• Effective stakeholder management skills