Software Security Engineer

Riyadh, Saudi Arabia

Full time

Engineering

We are looking for a Software Security Engineer to ensure the security of our applications
through vulnerability assessment, penetration testing, and threat modeling. You will collaborate closely with software engineering, DevOps, and security teams to identify and remediate security weaknesses in code, architecture, and application workflows.

Lean has tripled in size over the past twelve months. We’re on track to triple again next year.

What started as the region’s pioneering Open Finance platform is now becoming something bigger: a multi-product infrastructure company powering payments, data, and lending across MENA. We’re expanding into new markets, opening offices, acquiring businesses, and building capabilities that didn’t exist here before.

We’ve processed billions of dollars in transactions. We’re trusted by 300+ clients - from Binance and Careem to Etisalat - and backed by General Catalyst, Sequoia, and Shorooq. Our $67.5M Series B was just the beginning.

• Application Security & Threat Modeling

  • Conduct threat modeling and security reviews for applications and APIs.

  • Collaborate with engineering teams to implement secure coding and design improvements.

  • Perform architecture risk analysis for microservices and distributed systems.

  • Understand and identify code-level issues across stacks such as React, NodeJS, Python, and Java.

  • Define security requirements and acceptance criteria during design and development.

  • Experience working in collaboration with product managers and software engineering teams to improve security throughout SDLC.

• Vulnerability Assessment & Penetration Testing

  • ExperiencePerform regular vulnerability scans, penetration testing, and risk assessments of applications and APIs.

  • Identify, report, and track remediation of security findings.

• Security Monitoring & Guidance

  • Provide actionable recommendations to reduce security risks.

  • Support incident response related to application security issues.

• Compliance & Standards

  • Ensure application security practices comply with regulatory requirements (SAMA CSF, NCA ECC, PDPL) and align with global standards such as ISO
    27001 and SOC 2.

  • Support audit and regulatory assessments by providing technical evidence and security documentation.

• Continuous Improvement

  • Research emerging application security threats, tools, and methodologies.

  • Contribute to security documentation, standards, and training for developers.
    

• Bachelor’s degree in Cybersecurity, Computer Science, or related field.

• 3–5 years of experience in application security, penetration testing, and vulnerability assessment.

• Hands‑on experience with penetration testing, threat modeling, and vulnerability assessment tools.
  

• Experience in securing fintech, banking, or highly regulated software environments.

• Familiarity with OWASP, ISO 27001, or SOC 2 security frameworks.

• Security certifications like CEH, OSCP, or similar.

• Strong analytical and problem‑solving abilities.

• Excellent communication to explain complex security issues clearly.

• Ability to work collaboratively with development and security teams.

NB. While we think the above experience could be important, we’re keen to hear from people that believe they have valuable experience to bring to the role. If you identify with the team and mission, but not all of our requirements, then please still apply!!

We’re building the financial infrastructure for MENA. Not as a slogan, as a fact.

Since 2019, we’ve become the first regulated Open Banking and Open Finance company operating across the UAE and Saudi Arabia. We’ve processed billions of dollars. We connect millions of accounts. We enable companies like Binance, Careem, and Etisalat to build products that were previously impossible in this region.

Our recent $67.5M Series B from General Catalyst and Sequoia isn’t just validation: it’s fuel. We’re expanding into new markets, launching new products, and setting the pace for what financial innovation looks like in MENA.

We solve hard problems. We move fast. We hold ourselves to a high standard. And we’re looking for people who’ve done this before to help us do it right.

If you’re motivated by building something that lasts, not just something that scales, Lean is where you need to be.

Not only do we offer competitive salaries, private healthcare, and flexible office hours, but we also insist that every member of the team hold a meaningful equity stake in the business to ensure long‑term alignment. We'd love you to join us for this journey!

Lean is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status.

When applying for a job at Lean Technologies, we will need to collect, use and share Personal Data about you with different members of our team during the application process. This may mean transferring your data to members of the team in one of our office locations worldwide outside of the country you are in. Please refer to our Privacy Notice on our website for more information about how we may use and store your Personal Data