Security Architecture, Engineering & Threat Operations Lead - Banking
Xenon7
Employer Active
Posted 3 hrs ago
Send me Jobs like this
Nationality
Any Nationality
Gender
Not Mentioned
Vacancy
1 Vacancy
Job Description
Roles & Responsibilities
This role covers highly technical disciplines within InfoSec: security architecture, engineering review, and the maturation of vulnerability and patch management systems. The specialist works closely with internal Security Architecture managers and the Security Operations Center (SOC) team to strengthen the bank's detection and defensive posture, ensure new infrastructure designs are secure by design, and fully operationalize the vulnerability management lifecycle.
Key Responsibilities:
A. Security Architecture & Engineering Assessment
Review new and changed system designs, network architectures, and digital platform builds from an
information security perspective, prior to build or procurement approval.
Produce Security Architecture Review Reports with risk-rated findings, threat model summaries, and
design recommendations aligned to security standards and CBE requirements.
Assess security of APIs, cloud components, integration layers, and digital banking platforms (mobile,
internet banking, payment processing) against OWASP, NIST, and CBE guidelines.
Maintain an architecture review register tracking all submitted designs, decisions, and open risk items.
Contribute to the InfoSec reference architecture and security design patterns library.
B. Tenable SC Vulnerability & Patch Management
Take ownership of Tenable Security Center (SC) and other vulnerability solutions configuration, scan
policy design, and coverage assurance across full asset inventory.
Design and implement a structured vulnerability management workflow scan, triage, risk-rate, assign,
track, and verify remediation integrated with IT's patch management process.
Produce weekly and monthly vulnerability dashboards for IT and InfoSec leadership showing patch SLA
compliance, critical exposure trends, and remediation velocity.
Define and enforce scan coverage SLAs: all in-scope assets scanned at appropriate frequency per asset
criticality tier.
Identify and escalate monitoring blind spots unscanned, uncredentialed, or unreachable assets and
drive resolution with IT.
Enable Tenable SC reporting to feed directly into KRI metrics for board-level visibility on patch SLA
breach rate and vulnerability exposure.
Desired Candidate Profile
Minimum 8 years in information security with strong hands-on technical depth across at least two of the
three disciplines in this role.
Proven Tenable SC (or Tenable.io) administration and workflow design experience must be able to
demonstrate scan configuration, policy tuning, and dashboard creation.
Experience conducting security architecture reviews for banking or financial sector projects.
Practical threat hunting experience using SIEM and EDR platforms with documented hunt outputs.
Familiarity with MITRE ATT&CK framework and its application to threat hunting and detection
engineering.
Preferred Certifications
Tenable Certified Security Engineer (TCSE) or Tenable.sc Specialist
GIAC Certified Enterprise Defender (GCED) or GIAC Certified Threat Intelligence Analyst (GCTI)
CISSP Certified Information Systems Security Professional
SABSA Chartered Security Architect (SCF or SCP)
Preferred Experience
Experience in Egyptian banking or financial institution regulated by CBE.
Hands-on with F5 AWAF, Palo Alto, or equivalent network/application security controls from an
assessment perspective.
Familiarity with NIST CSF 2.0 and CBE Cybersecurity Framework control domains.
- Attractive, market-leading salary package
- Clear career advancement path with professional development opportunities
Company Industry
- Internet
- E-commerce
- Dotcom
Department / Functional Area
- Architecture
- Interior Design
Keywords
- Security Architecture
- Engineering & Threat Operations Lead - Banking
Disclaimer: Naukrigulf.com is only a platform to bring jobseekers & employers together. Applicants are advised to research the bonafides of the prospective employer independently. We do NOT endorse any requests for money payments and strictly advice against sharing personal or bank related information. We also recommend you visit Security Advice for more information. If you suspect any fraud or malpractice, email us at abuse@naukrigulf.com
Similar Jobs
Senior Network & Security Team Lead
Confidential Company
- 8 - 10 Years
- Dubai - United Arab Emirates (UAE)
AI Security & Governance Lead
Faze 3 Consulting
- 8 - 10 Years
- Abu Dhabi - United Arab Emirates (UAE)
Enterprise Security Engineer
WORKWAVEZ SOLUTIONS (OPC) PRIVATE LIMITED
- 5 - 10 Years
- Ahmedabad - India
Information Security Engineer (Arabic Speaker)
Dicetek LLC
- 5 - 10 Years
- Dubai - United Arab Emirates (UAE)
Security Engineer
Brunel India Pvt Ltd
- 5 - 10 Years
- Al Ahmadi - Kuwait