Back to search
Boubyan Digital Factory Linkedin · Posted 7d ago

Senior Security Engineer

New Cairo

Linkedin
Continue to application Add your email once, then Caio opens the original posting.

Indexed description

Role Purpose:

The Bank is seeking a senior security engineer to strengthen its offensive security capability while contributing to the security of the software delivery pipeline and cloud/AI tooling adoption. The role is anchored in red teaming and penetration testing, with working-level responsibility for DevSecOps and cloud security, and exposure to AI/LLM security as an emerging area.

Note: this role is not evenly split across four disciplines. Candidates should have demonstrable depth in offensive security, with practical (not theoretical) exposure to the others.



Key Responsibilities

Offensive Security — Primary (~40%)

  • Plan and execute red team engagements: adversary simulation, C2 infrastructure (Cobalt Strike, Sliver, or similar), campaigns mapped to MITRE ATT&CK
  • Conduct penetration testing across web applications, APIs, mobile apps, internal/external network, and wireless
  • Design and run social engineering / phishing simulation exercises
  • Run purple team exercises in coordination with the SOC/blue team to validate detection coverage
  • Produce CBK CORF-aligned findings reports and remediation guidance suitable for regulatory review
  • Conduct security assessments, vulnerability assessment and penetration testing on different environments but not restricted to
  • Network assessment and penetration testing
  • Cloud assessment and penetration testing
  • Endpoint assessment and penetration testing
  • Application assessment and penetration testing, focusing on Web, API (SOAP and RESTful)
  • Mobile assessment and penetration testing
  • Align with third party vendors on annual VAPT programs and coordinate with other stakeholders
  • Plan and preform adversary simulation campaigns internally and coordinating with third party vendors



DevSecOps — Secondary (~25%)


  • Integrate SAST, DAST, and SCA tooling into CI/CD pipelines
  • Perform Infrastructure-as-Code security review (Terraform, CloudFormation, ARM templates)
  • Conduct secure code review and threat modeling for new applications
  • Support container and Kubernetes security hardening



AI Security — Emerging (~35%)

  • Conduct adversarial testing of internally deployed AI/LLM tools (prompt injection, data leakage, model behavior under abuse)
  • Assess security posture of AI development tooling adopted by engineering teams (e.g., AI coding assistants, MCP integrations)
  • Evaluate AI-assisted vulnerability triage/SAST tooling for reliability and false-positive risk



Required Qualifications

  • 5–10 years in information security, with demonstrable depth in at least two of the four areas above — not surface-level familiarity with allfour
  • At least one recognized offensive security certification: OSCP, OSCE/OSCE3, CRTO, or GPEN.
  • Proficiency in scripting/automation: Python, Bash, PowerShell
  • Working knowledge of CI/CD tooling: Tekton CI, Jenkins, or Azure DevOps
  • Familiarity with regulatory/compliance frameworks relevant to banking (CBK CORF, PCI-DSS, or NIST CSF)


Preferred Qualifications

  • Cloud security certification: AWS Security Specialty, Azure Security Engineer Associate, or CKS
  • Prior experience in financial services or another regulated industry
  • Bug bounty track record or competitive CTF experience
  • Exposure to adversarial ML / AI red teaming research


Soft Skills

  • Ability to translate technical risk into business/regulatory language for non-technical stakeholders and examiners
  • Strong written reporting discipline — findings must be audit-ready without heavy rework
Free. 20 seconds. No password. See every match in this search.

Create a free Caio profile to unlock more results and save your role and location preferences.

Unlock free search
Want help applying to roles like this? Search Caio for free. If CV tailoring and application tracking get heavy, Full Caio Agent adds a human specialist.
View Full Agent