Senior Cloud Security Engineer - GCP/OCI

We are looking for a Cloud Security Engineer with mandatory experience in banking, fintech, or regulated sectors to lead the design and implementation of secure, compliant cloud infrastructures. The candidate must have a strong understanding of regulatory frameworks and enterprise-grade security controls, with the ability to operate in high-compliance environments.

Key Responsibilities:

• Own and implement cloud security architectures and landing-zone guardrails across network, identity, data, and logging layers
• Secure configurations for databases, storage, serverless, and other cloud-native services
• Design and enforce least-privilege IAM, including SSO (SAML/OIDC) and PAM workflows
• Implement key and credential lifecycle management, including MFA, short-lived tokens, and machine identity governance
• Ensure data protection via encryption at rest and in transit, along with tokenization where required
• Define and enforce network segmentation, private connectivity, secure egress, and API security
• Implement protections such as WAF, DDoS mitigation, and bot defense mechanisms
• Establish and manage Zero Trust access models for users and services
• Integrate security scanning tools (SAST, DAST, Secrets, IaC) into CI/CD pipelines
• Maintain compliance and audit readiness for SAMA, NCA, ISO 27001, PCI DSS, SWIFT CSP
• Develop and enforce policies-as-code, tagging standards, and exception workflows
• Integrate and manage cloud logs within SIEM platforms (e.g., Splunk)
• Orchestrate cloud and container security scanning, track remediation SLAs, and collaborate with engineering teams

Requirements

• 7-12 years of experience in cybersecurity, including 3+ years securing public cloud environments (GCP or OCI preferred)
• Mandatory experience in fintech, banking, or highly regulated industries
• Strong expertise in IAM/SSO/PAM, KMS/HSM, PKI, and key rotation strategies
• Hands-on experience with cloud security platforms: CSPM, CNAPP, CWPP, CIEM, and native tools (e.g., GCP SCC, OCI Cloud Guard)
• Deep understanding of network and web security: VPC/VNet, routing, private link, TLS/mTLS, API gateways
• Experience with container and Kubernetes security, including runtime protection and network policies
• Proficiency in DevSecOps tools: Terraform, CI/CD pipelines, scripting (Python/PowerShell), and log analysis (SQL/Regex)
• Strong familiarity with regulatory frameworks:
• SAMA Cybersecurity Framework
• NCA ECC
• ISO 27001
• PCI DSS
• SWIFT CSP
• Experience integrating security monitoring with SIEM tools (Splunk preferred)

Preferred Qualifications:

• Cloud certifications (GCP, OCI, AWS, or Azure Security)
• Experience in banking, fintech, or regulated environments
• Strong documentation, communication, and stakeholder management skills

What We're Looking For:

• Strong problem-solving mindset with a security-first approach
• Ability to work cross-functionally with DevOps, Engineering, and Compliance teams
• Ownership-driven individual who can design and implement scalable security solutions