Information Security Engineer (SOC)

We're looking for a Cybersecurity Engineer!

• Department: Cyber Security Monitoring
• Employment Type: Full Time
• Location: KSA
• Workplace type: Onsite
• Reporting To: Weam Munshi

You will be working in a dynamic, rapidly evolving environment with the following responsibilities:

• Strong understanding of cloud services such as Google Cloud Platform (GCP), Terraform, CI/CD Security, Kubernetes Security, GitLab, and product security features and fixes.

• Perform Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST) for web, mobile, and API applications.
• Plan and conduct infrastructure vulnerability assessments and penetration testing of systems, switches, servers, and other critical components.

• Plan, implement, and manage enterprise-level Anti-Virus (AV) solutions to safeguard against malware, viruses, and other threats.

• Review corporate IT infrastructure security, including network security controls, anti-malware implementation, Cloud Security Posture Management (CPM), Data Loss Prevention (DLP), firewall rule sets, backup and disaster recovery, and vulnerability management processes.

• Work across various product and engineering teams to prioritize security features and bugs, ensuring implementation and mitigation.
• Collaborate with DevOps and other teams to implement and improve security controls and processes.

• Conduct phishing simulations and other awareness exercises to assess employee susceptibility to social engineering attacks.
• Provide targeted training to enhance resilience against cybersecurity threats.

• Automate and improve incident response procedures, including playbook creation to reduce manual response efforts.
• Monitor threats and vulnerabilities, conduct regular threat intelligence research, and develop detection rules using various tools.

• Degree in Information Technology, Computer Science, Software Engineering, or a related field.
• Knowledge of IT security issues and best practices, particularly in a fast‑paced fintech environment.
• Security certifications such as CEH, CompTIA Security+ (preferred but not required).
• Strong communication, influencing, and stakeholder management skills.
• Two to three years of experience working across teams to deliver security solutions and drive adoption.
• Experience in developing and delivering security training programs.
• Experience working in a culturally diverse environment.
• Understanding of online technologies, payment methods, content delivery networks, REST APIs, microservices, and application development.
• Programming and scripting knowledge (e.g., Bash, Python).
• Strong cloud experience, with knowledge of AWS, GCP, and OCI.

Tabby creates financial freedom in the way people shop, earn and save, by reshaping their relationship with money.

The company’s flagship offering allows shoppers to split their payments online and in-store with no interest or fees. Over 32,000 global brands and small businesses, including Amazon, Noon, IKEA and Shein use Tabby to accelerate growth and gain loyal customers by offering easy and flexible payments online and in stores.

Tabby has generated over $7 billion in transaction volume for its partner brands and has the highest rated, most reviewed, largest and fastest growing app of any fintech in the GCC region.

Tabby launched operations in 2020 and has raised +$1 billion in equity and debt funding from global and regional investors.

1. Applied
2. Review
3. HR call @Tabby
4. Technical interview @Tabby
5. Assessment
6. Final interview @Tabby
7. Hired

Not quite right? Register your interest to be notified of any roles that come along that meet your criteria.