Infrastructure Security Engineer

Job Title: Infrastructure Security Engineer

Location: Pakistan
Employment Type: Full-Time
Experience Level: 6–10 Years (with strong Cloud Security focus)

We are seeking an experienced Infrastructure Security Engineer with deep expertise in Cloud Security, particularly in Oracle Cloud Infrastructure (OCI) and Google Cloud Platform (GCP). The role focuses on establishing, governing, and continuously improving cloud security posture in alignment with Saudi regulatory requirements and global best practices.

The ideal candidate will be responsible for defining cloud security strategies, designing secure cloud architectures, ensuring regulatory compliance, and conducting security reviews across cloud environments.

• Establish and maintain a cloud security roadmap, tracking progress against industry best practices and organizational goals.
• Define, implement, and continuously improve cloud security policies, standards, processes, and security baselines.
• Ensure cloud security controls are embedded across the infrastructure lifecycle.

• Ensure alignment with Saudi regulatory frameworks, including but not limited to:
• NCA Essential Cybersecurity Controls (ECC)
• NCA Cloud Cybersecurity Controls (CCC)
• SAMA Cybersecurity Framework (CSF)
• Improve organizational readiness for audits and regulatory assessments related to cloud security.

• Design and maintain secure cloud reference architectures for OCI and GCP, covering:
• Network segmentation and isolation
• Identity and access management (IAM)
• Encryption (data at rest and in transit)
• Workload and platform protection
• Ensure cloud designs adhere to security-by-design and zero-trust principles.

• Conduct cybersecurity reviews of cloud environments against SAB baseline and other applicable standards.
• Identify security gaps, risks, and remediation plans for cloud infrastructure.
• Collaborate with architecture, infrastructure, and application teams to remediate findings.

• Strong hands-on cloud security experience in:
  • Oracle Cloud Infrastructure (OCI)
  • Google Cloud Platform (GCP)
• Proven experience establishing and governing cloud security frameworks and roadmaps.
• Strong understanding of Saudi cybersecurity regulations (NCA ECC, NCA CCC, SAMA CSF).
• Experience designing secure cloud architectures, including networking, encryption, and workload security.
• Hands-on experience conducting cloud security assessments and compliance reviews.
• Solid understanding of cloud-native security services in OCI and GCP.

• Experience with multi-cloud or hybrid cloud environments.
• Security certifications such as CCSP, CISSP, CISM, OCI Security, or GCP Security Engineer.
• Experience working within regulated industries (Banking, Financial Services, Government).
• Arabic language skills (spoken and written) are a strong advantage.

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field.