33 Cybersecurity Analyst jobs in Egypt

Mission
Part of the Group Cybersecurity team, contribute to protect Valeo by performing the following activities:

• Cybersecurity risk analysis (70%)
• Project Cybersecurity advice/control (20%)
• Audits, Governance and Compliance activities (5%)
• Cybersecurity watch (5%)

Responsibilities

• Cybersecurity risk analysis

• By using the methodologies and tools specific to the scope of the analysis, identify potential weaknesses and related risks for Valeo. It can cover, but is not limited to:

• Third parties

• IS/IT projects
• Valeo sites

• Personal data

• Diagnose dysfunctions

• Provide/implement remediation

• Generate reports for both technical and non-technical staff and stakeholders (if any)

• Project Cybersecurity advice/control

• Control and advize during the RFI/RFQ phase

• Advize/control the Cybersecurity measures to be included in the contract
• Advize the architecture, check the results of the Cybersecurity tests, follow-up the Cybersecurity action plans, advize for the Go-live decision

• Advize/validate the major changes during the Run phase

• Audits, Governance and Compliance activities

• Perform the organizational and/or technical audits. It can cover, but is not limited to:

• Compliance audit (Valeo ISSP (Information Systems Security Policy), Cybersecurity standards/best practices…)

• It can be performed:

• On-site

• Remotely

• Generate the audit reports for both technical and non-technical staff and stakeholders (if any)

Contribution

• Audits, Governance and Compliance activities

• Contribute to Cybersecurity awareness and/or training modules

• Contribute to third parties audits

• Cybersecurity watch

• Threats

• Cybersecurity solutions

Perimeter

• Valeo (Travels abroad are expected according to the needs).

Qualifications
Education/Training
What education and education level are necessary for the position?
Required
: Bachelor's degree or Master's degree in Computer Science and/or Cybersecurity

Optional
: ISO 270xx Certification(s). ISO 27005 certification is appreciated

Professional Experience
How many years of professional experience in a specific professional area are required for the position?

• Experience in Cybersecurity
• Experience of at least 5 years in Cybersecurity with a strong focus on risk management
• You have already conducted several Cybersecurity audits and are able of having a relevant risk analysis at the governance, architecture and technical level
• Knowledge of the vulnerabilities and Cybersecurity threats
• Knowledge of the Information System (network, system, Active Directory, database, middleware…)
• Knowledge in software development is a plus

Languages

• Required: Fluency in English
• Optional: French or other language

Key Responsibilities

Collaborate with risk and information security teams to provide recommendations for improvement and communicate them to subject matter experts and management.

Implement, maintain, and enhance
information security processes
to improve efficiency and effectiveness.

Manage and maintain the
Vulnerability Management tool
, perform analysis and reporting, and ensure issues are addressed within SLA timelines.

Provide support in the
detection, response, mitigation, and reporting
of cyber threats affecting the organization.

Support and facilitate
audits, evidence collection, documentation, and reporting
.

Participate in the
evaluation, implementation, and troubleshooting
of security tools and solutions.

Stay current with the
threat landscape
and emerging cybersecurity risks.

Identify and mitigate
business and security risks
, including coordination of Data Risk Assessments (DRAs) as required.

Ensure compliance with
Minimum Security (MinSec) Standards
.

Contribute to the development of
Key Performance Indicators (KPIs) and metrics
to measure and report on service health.

Generate and review regular reports to identify opportunities for service improvement.

Actively participate in
internal service review meetings
and security discussions.

Qualifications & Skills

• Bachelor's degree in
  Information Security, Computer Science, or a related field
  .
• 3–5 years of experience
  in Information Security or related roles.
• Hands-on experience with
  vulnerability management tools
  , SIEM, and endpoint protection.
• Strong knowledge of
  security frameworks and standards
  (ISO 27001, NIST, CIS Controls, etc.).
• Familiarity with risk assessments, audits, and compliance processes.
• Solid understanding of
  threat detection, incident response, and security monitoring
  .
• Relevant certifications such as
  CISSP, CISM, CEH, CompTIA Security+, or similar
  (preferred).
• Strong analytical, communication, and problem-solving skills.

We are seeking a
highly skilled and proactive Senior Security Compliance Analyst
to join our Information Security team. The Senior Analyst will lead compliance assurance initiatives, ensure systems adhere to relevant security standards and regulations, and guide the organization in maintaining a robust security posture. The ideal candidate will have a deep passion for security and compliance, exceptional analytical skills, and the ability to influence and drive security best practices across the organization.

Responsibilities

1. Lead regular security compliance assessments to evaluate adherence to standards, regulations, and policies, such as ISO 27001, NIST Cybersecurity Framework, PCI-DSS, GDPR, and national regulations.
2. Collaborate with senior stakeholders and cross-functional teams to assess the impact of technical and business changes on security posture and compliance.
3. Oversee and coordinate internal and external audits, ensuring documentation, remediation efforts, and audit readiness are effectively managed.
4. Drive the development, review, and implementation of security policies, procedures, and controls to ensure alignment with industry best practices.
5. Manage and maintain the Document Management System (DMS) to ensure secure storage, version control, and timely document review.
6. Identify, report, and remediate compliance gaps, providing expert guidance to stakeholders on mitigation strategies.
7. Lead and report on risk assessment activities, providing actionable insights to senior management.
8. Guide vulnerability management initiatives and reporting, ensuring proactive risk mitigation.
9. Stay abreast of emerging security threats, vulnerabilities, and regulatory developments to maintain and enhance organizational compliance and security posture.

Qualifications

1. Bachelor's degree in Computer Science, Information Technology, or a related field; advanced certifications (CISSP, CISA, or equivalent) are a plus.
2. Proven experience with security compliance frameworks such as ISO 27001, NIST, GDPR, PCI-DSS, FRA, CBE.
3. Deep understanding of cybersecurity and IT infrastructure concepts, including Firewalls, IDS/IPS, VPN, and Data Loss Prevention.
4. Expert knowledge of Information Security Control types and risk management practices.
5. Excellent command of the English language, with strong presentation and communication skills.
6. Exceptional analytical skills with the ability to interpret complex regulatory requirements and translate them into actionable compliance measures.
7. Prior experience in compliance-based roles is required; experience in leading audits and managing security programs is highly desirable.

Company Description

HakTrak Networks is a pioneering company in the Middle East, specializing in the design, construction, and application of Artificial Intelligence (AI) and Machine Learning in cybersecurity. We offer innovative security solutions to businesses of all sizes through our cutting-edge technology and seasoned professionals. Our comprehensive services protect systems from evolving cyber threats, and we provide training to help enterprises manage cybersecurity risks. With extensive expertise, HakTrak Networks is well-equipped to handle complex security challenges and safeguard critical data and infrastructure.

Role Description

This is a full-time remote role for a Information Security Analyst . The Information Security Analyst  will be the first line of defense in our Security Operations Center. Your primary responsibility will be to continuously monitor, analyze, and triage security events to identify potential threats. You will investigate alerts, differentiate false positives from real incidents, and escalate issues when necessary, This role is ideal for individuals who are detail-oriented, eager to learn, and passionate about cybersecurity.

Qualifications

•  Strong Analytical Skills for assessing system performance and identifying potential issues

•  Bachelor's degree in Information Technology, Computer Science, or a related field

•  Strong understanding of networking fundamentals (TCP/IP, DNS, HTTP, VPN, Firewalls).

•  Knowledge of operating systems (Windows, Linux, macOS) and system logs.

•  Familiarity with SIEM platforms (Splunk, QRadar, Microsoft Sentinel, ELK, etc.).

•  Awareness of common attack techniques (phishing, malware, brute force, ransomware).

•  Exposure to EDR, IDS/IPS, and threat intelligence tools.

•  Basic scripting (Python, PowerShell, or Bash) is a plus.

•  Ability to work independently in a remote setting

•  Excellent attention to detail, communication skills, and eagerness to learn

• Working with SOC Team including Tier 1, Tier 2, Tier 3, MDR Manager

•  Willing to relocate to GCC Countries

Certifications (preferred): CompTIA Security+, CySA+, CEH, CCNA CyberOps, Microsoft SC-200, Splunk Certified User/Analyst.

Send your resume to

• Ensure proper security controls are enforced across the different systems based on the identified systems' criticality
• Review and recommend updates to the bank's IT & Cyber security policy, relevant processes, procedures and guidelines
• Participate in the security gap and threat assessments post globally/locally identified security incidents/threats and ensure the effective implementation of action plans with the relevant stakeholders
• Support the implementation of the key strategic business initiatives and projects through following the secure software acquisition life cycle including specifying the confidentiality, integrity, and availability requirements, addressing security requirements throughout the acquisition of new systems and performing proper risk assessment prior to releasing new systems to production
• Review new technologies and changes to existing technologies for vendor acquired solutions to ensure proper information security requirements/controls and compliance with relevant security policies and compliance mandates
• Validate the security requirements to ensure the proper management of test data on development and test environments according to the set test data management strategy and in alignment with the developed security policies
• Develop and maintain threat modelling strategy and procedures for the purpose of optimizing the infrastructure and network security through identifying clear objectives and developing countermeasures to prevent or mitigate the impacts of cybersecurity attacks/threats on the environment
• Provide updates on the different Security KRIs, RAIs and RCSA and develop an action plan to mitigate those risks to be reported to the Security & Technology Risk Management Team for tracking
• Conduct the different security assessments for vendors and third Parties providing critical services and engagements that involve access to or sharing of information, as per the respective policies and guidelines
• Responsible for initial security risk assessment for any identified security risks across the organization and liaise with the security & technology risk management for final risk rating and reporting
• Conduct the annual review and update of the area's processes, procedures and recommend updates to relevant policies with the adherence to the developed SLAs

Requirements
Bachelor's degree of Engineering, Computer Science, Information Security or equivalent.

 for the senior) years of work experience in Information Security, IT Security Analysis or Risk Analysis

Excellent Knowledge of ISO 27001, PCI standards, NIST frameworks, OWASP and SWIFT CSP

xcellent knowledge about ISMS implementation

isk Management & Security Risk assessments.

ust have technical background in areas like software development, security architecture, security platforms and IT tools/platforms commonly used in a modern software architecture, administration and management along with risk background

Recommended Certifications:

• ISO 27001:2013 Implementer/Lead Implementer
• CISSP
• CRISC
• CISM
• GIAC Certifications
• CEH
• Security+

Skills
ime Management Skills, Analytical skills, and Strong presentation skills

eamwork Spirit

trong Communication skills

Requirements:

• Bachelor's degree in Computer Engineering, Information Technology, or related field.

• 1–2 years of relevant experience in Information Security operations.

• Knowledge of networking, operating systems (Windows/Linux).

• Certifications such as CCNA, MCSA, or Linux are a plus.

• Good understanding of firewalls and endpoint security solutions.

• Strong problem-solving and analytical skills.

• Applicants must be residents of Alexandria.

Job Duties:

• Implement and monitor security measures to protect computer systems, networks, and information.

• Identify and define system security requirements.

• Design security architecture and develop detailed cybersecurity designs.

• Manage and troubleshoot firewalls, endpoint security, and related security tools.

• Respond to and investigate security incidents.

If you are interested, kindly send your updated CV to with email subject Information Security Engineer

About Us

We're a growing
fintech startup
reimagining secure financial systems. Security is not a department — it's a culture. We're looking for an engineer who thrives at the intersection of
development, operations, and security
— someone eager to help us
shift security left
and embed it into our
SDLC
.

About the Role

As a
Security Software Engineer
, you will play a key role in securing our systems from design to deployment. You will work closely with engineers, DevOps, and product teams to
integrate security practices
, ensure
cloud and infrastructure safety
, and support
compliance initiatives
like ISO or PCI DSS.

What You'll Do

• Embed security throughout the
  software development lifecycle (SDLC)
• Build and maintain
  security tools
  , scripts, and automations
• Integrate security controls into CI/CD pipelines
• Conduct threat modelling, secure code reviews, and vulnerability assessments
• Monitor and respond to incidents using
  SOC tools
  (e.g., Wazuh, Suricata, OSSIM)
• Support and enforce
  cloud security best practices
  (AWS/Azure)
• Collaborate with engineers to
  raise security awareness
  and fix vulnerabilities
• Participate in and contribute to
  ISO 27001, PCI DSS
  , and similar processes
• Document security standards and provide internal training

What We're Looking For

• 3+ years in
  security engineering
  , DevSecOps, or a similar role
• Strong familiarity with
  SDLC security practices and shift-left approach
• Experience with one or more
  programming/scripting languages
  (C#, Python, Bash, etc.)
• Experience working with
  Agile and XP teams
• Hands-on experience with
  SOC tools
  , SIEM, and log correlation
• Good grasp of
  cloud security (IAM, encryption, networking)
• Familiar with
  DevOps tooling
  (CI/CD, Docker, IaC, etc.)
• Solid foundation in
  networking protocols, firewalls, VPNs
• Competence with
  Git-based workflows
• Contributed to or maintained parts of
  ISO 27001, PCI DSS
  , or SOC2 programs

Nice to Have

• Certifications:
  Security+
  ,
  CISSP
  ,
  OSCP
  ,
  CEH
  , or cloud security credentials
• Experience with
  threat intelligence
  ,
  attack simulation tools
  , or
  bug bounty triage
• Exposure to
  Zero Trust architectures
• Familiarity with tools like
  Trivy, Checkov, Snyk, Owasp ZAP
• Experience in
  incident response and postmortems

Why Join Us?

• Flexible hours, outcome-based work
• Culture of transparency, agility, and collaboration
• Work with a team that values
  security as code
• High-impact role in shaping secure fintech systems
• A strong platform for
  growth, innovation, and leadership

Job No:

Location: Egypt

Role Profile:

The GRC Lead – Privacy, Risk & Access Management will play a pivotal role in strengthening Alshaya Group's governance, risk, and compliance posture with a core focus on data privacy, enterprise risk management, and identity & access governance. This role will also lead and support cross-functional security projects such as SSO integration and user access reviews, ensuring secure, compliant, and business-aligned identity practices across the enterprise.

The Below Key Performance Areas include but are not limited to:

 Develop and implement privacy and data protection policies aligned with GDPR, KVKK, PDPL, and other regional regulations.

Conduct DPIAs, PIAs, and privacy risk assessments to ensure responsible data handling.

anage enterprise risk through a structured Risk Management Framework and maintain the Enterprise Risk Register.

efine and enforce IAM policies including RBAC, SoD, and user access reviews.

ead or support IAM initiatives such as SSO integrations, PAM implementations, and access certification campaigns.

lign GRC and IAM practices with standards like ISO 27001, NIST, PCI DSS, and SOX.

acilitate internal and external audits, assessments, and third-party reviews.

versee GRC tools and privacy platforms (e.g., Archer, OneTrust, ServiceNow GRC).

rive cross-functional projects including policy harmonization and audit remediation.

repare executive-level reports and dashboards for governance and compliance oversight.

ct as a liaison for privacy, risk, and IAM discussions across departments.

romote GRC awareness and training across the organization.

Knowledge:

trong understanding of global privacy regulations (e.g., GDPR, KVKK, PDPL) and data protection principles.

n-depth knowledge of enterprise risk management frameworks and risk assessment methodologies.

amiliarity with IAM concepts including RBAC, SoD, SSO, PAM, and identity lifecycle management.

xperience with compliance standards such as ISO 27001, NIST, PCI DSS, and SOX.

roficiency in using GRC and privacy management tools (e.g., Archer, OneTrust, ServiceNow GRC).

bility to lead cross-functional projects and integrate GRC, IAM, and privacy workflows.

trong stakeholder engagement and communication skills for executive and cross-departmental collaboration.

nalytical skills for conducting DPIAs, PIAs, and interpreting KRIs and audit findings.

nowledge of authentication protocols (e.g., SAML, OIDC) and identity governance best practices.

xperience in managing DSARs, breach responses, and audit readiness activities.

Experience:

-7 years experience in Information Security Domain

achelor's degree in Information Security, Computer Science, Risk Management, or related field. Master's degree or MBA is a plus.

IPP/E, CIPM, or other IAPP certifications; CRISC, CISA, or ISO 27001 Lead Implementer; Identity and Access certifications such as Azure, Okta, or SailPoint; ITIL or PMP for project management is a plus.

Skills:
br>
Strong understanding of IAM principles, SSO protocols (SAML, OIDC), and identity lifecycle.

nowledge of privacy regulations and enterprise risk frameworks.

xcellent stakeholder management, communication, and cross-functional collaboration skills.

roficient in GRC tools , Privacy Tools & Access management platforms.

Advertised: 10 Sep 2025

Application close: 11 Oct 2025

About Us
NowPay (YC W21) is a FinTech startup building a financial-wellness platform for employees in emerging markets. Saving, spending, budgeting and borrowing. Those are the 4 pillars of financial-wellness. NowPay aims to improve every aspect of those for employees by building products that tackle every vertical.

NowPay enables employees to get their salaries in advance at any point in time during the month and also pay their bills instantly. NowPay is backed by YCombinator, 500 Startups, BECO Capital, Global Ventures, Endure, Plug and Play, MSA Capital, 4dx, Foundation Ventures, EFG and Beltone.

Job Description
Role Summary:
We are seeking a skilled and proactive Information Security Engineer to lead and scale NowPay's cybersecurity posture. This role is critical to securing sensitive employee financial data, ensuring the integrity of salary disbursement systems, and supporting regulatory compliance (e.g. local regulators, PCI-DSS, and GDPR). The successful candidate will be responsible for designing and enforcing best-in-class security practices across our platforms, cloud infrastructure, and internal processes.

Key Responsibilities
Security Strategy & Architecture

• Define and continuously improve NowPay's information security strategy, policies, and controls across all layers (cloud, app, infrastructure).
• Lead threat modeling and risk assessment activities for new and existing systems.
• Ensure secure design of new fin-tech products including salary advance, BNPL, and bill payment services.

Vulnerability Management & Monitoring

• Conduct regular security assessments, vulnerability scans, and penetration testing.
• Monitor and respond to security incidents, collaborating with engineering and DevOps teams for resolution.
• Maintain and enhance audit logging, intrusion detection, and alerting systems.

Cloud & Application Security

• Implement secure configurations and hardening of AWS infrastructure (IAM, EC2, S3, RDS, etc.).
• Ensure secure code practices via CI/CD pipelines, code reviews, and dependency scanning (GitHub, Jira).
• Support the engineering team with encryption, tokenization, and data integrity mechanisms.

Compliance & Risk

• Support compliance with relevant regulatory frameworks (local regulators, PCI-DSS, ISO
• Manage security documentation, audits, and incident response playbooks.
• Collaborate with legal and compliance teams on security requirements for licensing or audits.

Employee Security Enablement

• Lead security awareness training for employees (e.g., phishing, password hygiene, secure device usage).
• Manage identity and access management (IAM), two-factor authentication, and role-based access controls.

Requirements

• 3+ years of experience in information security, preferably in fin-tech, banking, or SaaS environments.
• Hands-on experience with cloud/on-site security.
• Familiarity with regulatory and compliance standards: local regulators, GDPR, PCI-DSS, ISO 27001.
• Proficient in tools such as Metabase, GitHub, Jira, SIEMs, firewalls, and endpoint protection systems.
• Strong knowledge of OWASP Top 10, encryption protocols, and authentication systems.
• Bachelor's degree in Computer Science, Information Security, or related fields.

Benefits

• Medical insurance coverage
• Social insurance
• Salary advance

check(event) ; career-website-detail-template-2 => ,meta)" mousedown="lyte-button => check(event)" final- final-class="lyte-button lyteBackgroundColorBtn lyteSuccess" lyte-rendered="">