Cybersecurity Engineer

Tarabut Gateway
AED 400,000 - 600,000
Job description

Role: Cybersecurity Engineer

Based: Dubai

Follow: You can follow us on LinkedIn

About TG...

Tarabut Gateway (TG) is the first and largest regulated Open Banking platform in the MENA, with offices in the Kingdom of Bahrain and the UAE. TG connects a regional network of banks and FinTechs via a universal application programming interface (API). By offering tools that allow the facilitation and distribution of personalized financial services, TG enables financial institutions to build a new world of financial services in MENA.

From our earliest days, we quickly became the region’s first applicant to a ‘regulatory sandbox’ through the Central Bank of Bahrain.

The clear objective is to build an infrastructure that accelerates an industry transformation. A multisided platform that connects banks, FinTechs, merchants, in the MENA region all on one platform, enabling a new realm of partnerships to be forged.

Fast forward to today, TG is in partnership with the largest banks in many countries. Our products are being built in Bahrain and will be ready to be shipped to other markets. At present we are focusing on scaling up our software engineering and product team to continue to better serve the lives of all 550 million people in the region.

This is the beginning of our journey, and as we see early stage FinTech start to emerge in other jurisdictions, there is no better time than now for the TG Platform to play its part in driving this new realm of financial services in MENA.

TG has already secured $25million investment in 2021 alone, including breaking records by securing the largest FinTech seed round in MENA history. Investors include (but not limited) Tiger Global, Target Global and Lumia capital.

About Team TG...

Working for TG could be the biggest challenge of your career! You will be exposed to every functions of the business, collaborate with inspiring colleagues that have unique ideas, and be given more autonomy than before to execute your ideas to scale. You will be challenged, held accountable and expected to run like it’s your own business

Curiosity is the gateway to learning. Thinking differently is key to our success. We don’t like normal, we prefer to create new rules for the game and redefine the status quo by challenging conventional thinking.

We have distributed teams in London, Dubai, Bahrain, and Saudi Arabia.

What you'll do...

We’re looking for a Cybersecurity Engineer with an analytical mind, and a detailed understanding of cybersecurity methodologies. You will be expected to have meticulous attention to detail, pragmatic problem-solving skills, work comfortably under pressure, and deliver on business as usual as well as implementation projects.You will be a key member of the Team, to ensure success you must display an excellent understanding of technology infrastructure firewall/WAF, load balancer, DNS, VPN, CDN, DLP, IDS/IPS, segmentation etc.

You should be comfortable working with a variety of hosting environments, technologies, and applications in troubleshooting problems and implementing solutions.

You will be working closely with technology and engineering teams you will be responsible for implementing systems and processes, monitoring security operations, and resolving security findings. You should have a passion for knowledge and be able to converse on a broad spectrum of security-related topics with your expertise concentrated in the areas of application and network security.

We seek a team player with a low ego, that is humble with high ambition. You’ll want to join a mission-driven company, building a world-class technology and security operation that inspires high-performingteams to deliver.


  • Build relationships with engineers and stakeholders to incorporate security principles into the product engineering lifecycle (shift-left/DevSecOps)
  • Have a good understanding of how modern applications are designed, developed, and deployed across different platforms to provide technical security advisory.
  • Understand all technical areas of security, especially application/API, endpoint, vulnerability, network, CI/CD, and cloud hosting.
  • Be aware of and have worked in a regulated company where ISO, NIST, CIS, etc. all play a big part in demonstrating compliance with regulatory security requirements.
  • Have experience working in security operations, following, and defining procedures for the effective monitoring of systems and services.
  • Have practical experience with security incident response, digital forensics investigations and mock tabletop exercises. You may have dealt with a major security breach in the past.
  • Have a good understanding of penetration testing methodologies (e.g. OWASP, OSSTMM, PTES), the tools and techniques involved, as well as the resulting reporting and remediation.
  • Work with the organisation’s existing toolset across SIEM, CSPM, EDR, and VM, to monitor the environments whilst identifying gaps in controls and proposing possible solutions.
  • Assist in the logging and prioritisation of security findings through automated and manual assessments promoting quick and effective remediation.
  • Communicate vulnerability details in a manner understood by technical and non-technical teams.
  • Assist the TechOps Team and business application owners to configure and test security controls.
  • Project manage the implementation of detective, preventative and corrective security controls to embed the organisation's security frameworks, policies, standards, and procedures effectively.
  • Have a keen eye for cyber risks, and poses the ability to identify, assess, and document potential security risks to the organisation.
  • Evangelise security across the business by developing knowledge articles and standard operating procedures that assist the business and its staff in operating securely.
  • Stay up to date with the latest cybersecurity threats, techniques, and recommend mitigation strategies.
  • Experience in a technical security-related role identifying threats and developing appropriate protection measures within security operations, incident detection and response, network security, or application security.

Nice to have:

  • Have a bachelor's degree in the Cyber/Information Security domain.
  • Hold one (or more) security qualifications/memberships e.g. CISSP, CISM etc.
  • Hold one (or more) vendor/cloud hosting security certifications
  • Experience working with a remote-first company with distributed teams
  • Experience within the FinTech, payments, or Open Banking industry

We're a remote first company where teamwork and collaboration has no barriers. We embrace diversity and encourage talent who bring a range of perspectives to apply for our roles even if you do not match every requirement in the list above. TG makes hiring decisions based on experience, aptitude, skill and sharing our company values. We will not discriminate with regards to any legally protected characteristics.