Senior Security Engineer

Who is Awaed?

Awaed is a fast-growing fintech company redefining how people trade and invest in the region. Our mission is to empower investors through technology, transparency, and innovation — delivering a secure and high-performance trading experience that brings global markets closer to everyone.

At Awaed, you’ll join a passionate team of builders, dreamers, and problem-solvers working on cutting-edge solutions that move the trading world forward.

What do we need?

We are seeking a Senior Security Engineer who operates at the intersection of architecture and hands-on implementation. You will own the security posture of our platform, working alongside existing systems to harden and extend them, while driving the architectural decisions that shape our security roadmap. Because of our regulated environment and scale, you will also play a critical role in site reliability, incident response, and compliance.

What are we looking for?

• Experience: Proven senior experience in Security, DevSecOps, Cloud Security Engineering, or a related infrastructure security role.

• Domain Expertise: Proven track record in regulated, high-availability environments (fintech, banking, trading, or payments strongly preferred).

• Execution: Demonstrated ability to handle both high-level architecture design and hands-on engineering without requiring a handoff.

• Programming: Proficiency in Go and/or Python for automation, plus shell scripting. Ability to review application code security in Java, C#/ASP.NET, and JavaScript.

• Cloud Platforms: Strong hands-on experience with OCI, AWS, or GCP.

What will you do?

• Architecture & Strategy: Define the Security roadmap and architect security controls across infrastructure, pipelines, identity, and APIs aligned with CSA and OWASP CI/CD Top 10.

• IaC & Infrastructure Security: Enforce security standards across Infrastructure as Code using Terraform, Ansible, and Terrateam. Integrate tfsec and Checkov scanning into pipelines. Harden Kubernetes clusters and OKE environments across OCI and AWS.

• CI/CD & Supply Chain: Design security gates (SAST, SCA, DAST) across GitHub Actions, Jenkins, and ArgoCD. Maintain supply chain integrity via SLSA provenance and image signing (Cosign/Sigstore).

• Identity & Secrets: Implement JIT access via HashiCorp Boundary (RBAC/ABAC) and manage identity protocols (OAuth2, OIDC). Own secrets lifecycle management using OCI Vault, OCI KMS, and HashiCorp Vault.

• Network & API: Harden API gateways (Kong, API6, Traefik), enforce Kubernetes NetworkPolicies (L3/L4), and manage WAF rules via Incapsula Imperva.

Nice-to-have

• Deep expertise in Oracle Cloud Infrastructure (OKE, OCI Vault, OCI KMS).

• Prior exposure to trading system environments.

• Relevant industry certifications (CKS, CISSP, AWS Security Specialty, GCP/OCI Security).

What do we offer?

• Flexible remote work model.

• Highly competitive salary.

• Paid leave, sick leave, and your local national holidays.

• Apply your expertise and industry best practices at one of the GCC’s leading fintech companies.

Awaed is not for everyone; succeeding here requires adaptability, ownership, and a continuous drive to learn and improve.