31 Security Analysts jobs in Egypt

We are seeking a
highly skilled and proactive Senior Security Compliance Analyst
to join our Information Security team. The Senior Analyst will lead compliance assurance initiatives, ensure systems adhere to relevant security standards and regulations, and guide the organization in maintaining a robust security posture. The ideal candidate will have a deep passion for security and compliance, exceptional analytical skills, and the ability to influence and drive security best practices across the organization.

Responsibilities

1. Lead regular security compliance assessments to evaluate adherence to standards, regulations, and policies, such as ISO 27001, NIST Cybersecurity Framework, PCI-DSS, GDPR, and national regulations.
2. Collaborate with senior stakeholders and cross-functional teams to assess the impact of technical and business changes on security posture and compliance.
3. Oversee and coordinate internal and external audits, ensuring documentation, remediation efforts, and audit readiness are effectively managed.
4. Drive the development, review, and implementation of security policies, procedures, and controls to ensure alignment with industry best practices.
5. Manage and maintain the Document Management System (DMS) to ensure secure storage, version control, and timely document review.
6. Identify, report, and remediate compliance gaps, providing expert guidance to stakeholders on mitigation strategies.
7. Lead and report on risk assessment activities, providing actionable insights to senior management.
8. Guide vulnerability management initiatives and reporting, ensuring proactive risk mitigation.
9. Stay abreast of emerging security threats, vulnerabilities, and regulatory developments to maintain and enhance organizational compliance and security posture.

Qualifications

1. Bachelor's degree in Computer Science, Information Technology, or a related field; advanced certifications (CISSP, CISA, or equivalent) are a plus.
2. Proven experience with security compliance frameworks such as ISO 27001, NIST, GDPR, PCI-DSS, FRA, CBE.
3. Deep understanding of cybersecurity and IT infrastructure concepts, including Firewalls, IDS/IPS, VPN, and Data Loss Prevention.
4. Expert knowledge of Information Security Control types and risk management practices.
5. Excellent command of the English language, with strong presentation and communication skills.
6. Exceptional analytical skills with the ability to interpret complex regulatory requirements and translate them into actionable compliance measures.
7. Prior experience in compliance-based roles is required; experience in leading audits and managing security programs is highly desirable.

Company Description

HakTrak Networks is a pioneering company in the Middle East, specializing in the design, construction, and application of Artificial Intelligence (AI) and Machine Learning in cybersecurity. We offer innovative security solutions to businesses of all sizes through our cutting-edge technology and seasoned professionals. Our comprehensive services protect systems from evolving cyber threats, and we provide training to help enterprises manage cybersecurity risks. With extensive expertise, HakTrak Networks is well-equipped to handle complex security challenges and safeguard critical data and infrastructure.

Role Description

This is a full-time remote role for a Information Security Analyst . The Information Security Analyst  will be the first line of defense in our Security Operations Center. Your primary responsibility will be to continuously monitor, analyze, and triage security events to identify potential threats. You will investigate alerts, differentiate false positives from real incidents, and escalate issues when necessary, This role is ideal for individuals who are detail-oriented, eager to learn, and passionate about cybersecurity.

Qualifications

•  Strong Analytical Skills for assessing system performance and identifying potential issues

•  Bachelor's degree in Information Technology, Computer Science, or a related field

•  Strong understanding of networking fundamentals (TCP/IP, DNS, HTTP, VPN, Firewalls).

•  Knowledge of operating systems (Windows, Linux, macOS) and system logs.

•  Familiarity with SIEM platforms (Splunk, QRadar, Microsoft Sentinel, ELK, etc.).

•  Awareness of common attack techniques (phishing, malware, brute force, ransomware).

•  Exposure to EDR, IDS/IPS, and threat intelligence tools.

•  Basic scripting (Python, PowerShell, or Bash) is a plus.

•  Ability to work independently in a remote setting

•  Excellent attention to detail, communication skills, and eagerness to learn

• Working with SOC Team including Tier 1, Tier 2, Tier 3, MDR Manager

•  Willing to relocate to GCC Countries

Certifications (preferred): CompTIA Security+, CySA+, CEH, CCNA CyberOps, Microsoft SC-200, Splunk Certified User/Analyst.

Send your resume to

• Ensure proper security controls are enforced across the different systems based on the identified systems' criticality
• Review and recommend updates to the bank's IT & Cyber security policy, relevant processes, procedures and guidelines
• Participate in the security gap and threat assessments post globally/locally identified security incidents/threats and ensure the effective implementation of action plans with the relevant stakeholders
• Support the implementation of the key strategic business initiatives and projects through following the secure software acquisition life cycle including specifying the confidentiality, integrity, and availability requirements, addressing security requirements throughout the acquisition of new systems and performing proper risk assessment prior to releasing new systems to production
• Review new technologies and changes to existing technologies for vendor acquired solutions to ensure proper information security requirements/controls and compliance with relevant security policies and compliance mandates
• Validate the security requirements to ensure the proper management of test data on development and test environments according to the set test data management strategy and in alignment with the developed security policies
• Develop and maintain threat modelling strategy and procedures for the purpose of optimizing the infrastructure and network security through identifying clear objectives and developing countermeasures to prevent or mitigate the impacts of cybersecurity attacks/threats on the environment
• Provide updates on the different Security KRIs, RAIs and RCSA and develop an action plan to mitigate those risks to be reported to the Security & Technology Risk Management Team for tracking
• Conduct the different security assessments for vendors and third Parties providing critical services and engagements that involve access to or sharing of information, as per the respective policies and guidelines
• Responsible for initial security risk assessment for any identified security risks across the organization and liaise with the security & technology risk management for final risk rating and reporting
• Conduct the annual review and update of the area's processes, procedures and recommend updates to relevant policies with the adherence to the developed SLAs

Requirements
Bachelor's degree of Engineering, Computer Science, Information Security or equivalent.

 for the senior) years of work experience in Information Security, IT Security Analysis or Risk Analysis

Excellent Knowledge of ISO 27001, PCI standards, NIST frameworks, OWASP and SWIFT CSP

xcellent knowledge about ISMS implementation

isk Management & Security Risk assessments.

ust have technical background in areas like software development, security architecture, security platforms and IT tools/platforms commonly used in a modern software architecture, administration and management along with risk background

Recommended Certifications:

• ISO 27001:2013 Implementer/Lead Implementer
• CISSP
• CRISC
• CISM
• GIAC Certifications
• CEH
• Security+

Skills
ime Management Skills, Analytical skills, and Strong presentation skills

eamwork Spirit

trong Communication skills

Requirements:

• Bachelor's degree in Computer Engineering, Information Technology, or related field.

• 1–2 years of relevant experience in Information Security operations.

• Knowledge of networking, operating systems (Windows/Linux).

• Certifications such as CCNA, MCSA, or Linux are a plus.

• Good understanding of firewalls and endpoint security solutions.

• Strong problem-solving and analytical skills.

• Applicants must be residents of Alexandria.

Job Duties:

• Implement and monitor security measures to protect computer systems, networks, and information.

• Identify and define system security requirements.

• Design security architecture and develop detailed cybersecurity designs.

• Manage and troubleshoot firewalls, endpoint security, and related security tools.

• Respond to and investigate security incidents.

If you are interested, kindly send your updated CV to with email subject Information Security Engineer

About Us

We're a growing
fintech startup
reimagining secure financial systems. Security is not a department — it's a culture. We're looking for an engineer who thrives at the intersection of
development, operations, and security
— someone eager to help us
shift security left
and embed it into our
SDLC
.

About the Role

As a
Security Software Engineer
, you will play a key role in securing our systems from design to deployment. You will work closely with engineers, DevOps, and product teams to
integrate security practices
, ensure
cloud and infrastructure safety
, and support
compliance initiatives
like ISO or PCI DSS.

What You'll Do

• Embed security throughout the
  software development lifecycle (SDLC)
• Build and maintain
  security tools
  , scripts, and automations
• Integrate security controls into CI/CD pipelines
• Conduct threat modelling, secure code reviews, and vulnerability assessments
• Monitor and respond to incidents using
  SOC tools
  (e.g., Wazuh, Suricata, OSSIM)
• Support and enforce
  cloud security best practices
  (AWS/Azure)
• Collaborate with engineers to
  raise security awareness
  and fix vulnerabilities
• Participate in and contribute to
  ISO 27001, PCI DSS
  , and similar processes
• Document security standards and provide internal training

What We're Looking For

• 3+ years in
  security engineering
  , DevSecOps, or a similar role
• Strong familiarity with
  SDLC security practices and shift-left approach
• Experience with one or more
  programming/scripting languages
  (C#, Python, Bash, etc.)
• Experience working with
  Agile and XP teams
• Hands-on experience with
  SOC tools
  , SIEM, and log correlation
• Good grasp of
  cloud security (IAM, encryption, networking)
• Familiar with
  DevOps tooling
  (CI/CD, Docker, IaC, etc.)
• Solid foundation in
  networking protocols, firewalls, VPNs
• Competence with
  Git-based workflows
• Contributed to or maintained parts of
  ISO 27001, PCI DSS
  , or SOC2 programs

Nice to Have

• Certifications:
  Security+
  ,
  CISSP
  ,
  OSCP
  ,
  CEH
  , or cloud security credentials
• Experience with
  threat intelligence
  ,
  attack simulation tools
  , or
  bug bounty triage
• Exposure to
  Zero Trust architectures
• Familiarity with tools like
  Trivy, Checkov, Snyk, Owasp ZAP
• Experience in
  incident response and postmortems

Why Join Us?

• Flexible hours, outcome-based work
• Culture of transparency, agility, and collaboration
• Work with a team that values
  security as code
• High-impact role in shaping secure fintech systems
• A strong platform for
  growth, innovation, and leadership

Job No:

Location: Egypt

Role Profile:

The GRC Lead – Privacy, Risk & Access Management will play a pivotal role in strengthening Alshaya Group's governance, risk, and compliance posture with a core focus on data privacy, enterprise risk management, and identity & access governance. This role will also lead and support cross-functional security projects such as SSO integration and user access reviews, ensuring secure, compliant, and business-aligned identity practices across the enterprise.

The Below Key Performance Areas include but are not limited to:

 Develop and implement privacy and data protection policies aligned with GDPR, KVKK, PDPL, and other regional regulations.

Conduct DPIAs, PIAs, and privacy risk assessments to ensure responsible data handling.

anage enterprise risk through a structured Risk Management Framework and maintain the Enterprise Risk Register.

efine and enforce IAM policies including RBAC, SoD, and user access reviews.

ead or support IAM initiatives such as SSO integrations, PAM implementations, and access certification campaigns.

lign GRC and IAM practices with standards like ISO 27001, NIST, PCI DSS, and SOX.

acilitate internal and external audits, assessments, and third-party reviews.

versee GRC tools and privacy platforms (e.g., Archer, OneTrust, ServiceNow GRC).

rive cross-functional projects including policy harmonization and audit remediation.

repare executive-level reports and dashboards for governance and compliance oversight.

ct as a liaison for privacy, risk, and IAM discussions across departments.

romote GRC awareness and training across the organization.

Knowledge:

trong understanding of global privacy regulations (e.g., GDPR, KVKK, PDPL) and data protection principles.

n-depth knowledge of enterprise risk management frameworks and risk assessment methodologies.

amiliarity with IAM concepts including RBAC, SoD, SSO, PAM, and identity lifecycle management.

xperience with compliance standards such as ISO 27001, NIST, PCI DSS, and SOX.

roficiency in using GRC and privacy management tools (e.g., Archer, OneTrust, ServiceNow GRC).

bility to lead cross-functional projects and integrate GRC, IAM, and privacy workflows.

trong stakeholder engagement and communication skills for executive and cross-departmental collaboration.

nalytical skills for conducting DPIAs, PIAs, and interpreting KRIs and audit findings.

nowledge of authentication protocols (e.g., SAML, OIDC) and identity governance best practices.

xperience in managing DSARs, breach responses, and audit readiness activities.

Experience:

-7 years experience in Information Security Domain

achelor's degree in Information Security, Computer Science, Risk Management, or related field. Master's degree or MBA is a plus.

IPP/E, CIPM, or other IAPP certifications; CRISC, CISA, or ISO 27001 Lead Implementer; Identity and Access certifications such as Azure, Okta, or SailPoint; ITIL or PMP for project management is a plus.

Skills:
br>
Strong understanding of IAM principles, SSO protocols (SAML, OIDC), and identity lifecycle.

nowledge of privacy regulations and enterprise risk frameworks.

xcellent stakeholder management, communication, and cross-functional collaboration skills.

roficient in GRC tools , Privacy Tools & Access management platforms.

Advertised: 10 Sep 2025

Application close: 11 Oct 2025

About Us
NowPay (YC W21) is a FinTech startup building a financial-wellness platform for employees in emerging markets. Saving, spending, budgeting and borrowing. Those are the 4 pillars of financial-wellness. NowPay aims to improve every aspect of those for employees by building products that tackle every vertical.

NowPay enables employees to get their salaries in advance at any point in time during the month and also pay their bills instantly. NowPay is backed by YCombinator, 500 Startups, BECO Capital, Global Ventures, Endure, Plug and Play, MSA Capital, 4dx, Foundation Ventures, EFG and Beltone.

Job Description
Role Summary:
We are seeking a skilled and proactive Information Security Engineer to lead and scale NowPay's cybersecurity posture. This role is critical to securing sensitive employee financial data, ensuring the integrity of salary disbursement systems, and supporting regulatory compliance (e.g. local regulators, PCI-DSS, and GDPR). The successful candidate will be responsible for designing and enforcing best-in-class security practices across our platforms, cloud infrastructure, and internal processes.

Key Responsibilities
Security Strategy & Architecture

• Define and continuously improve NowPay's information security strategy, policies, and controls across all layers (cloud, app, infrastructure).
• Lead threat modeling and risk assessment activities for new and existing systems.
• Ensure secure design of new fin-tech products including salary advance, BNPL, and bill payment services.

Vulnerability Management & Monitoring

• Conduct regular security assessments, vulnerability scans, and penetration testing.
• Monitor and respond to security incidents, collaborating with engineering and DevOps teams for resolution.
• Maintain and enhance audit logging, intrusion detection, and alerting systems.

Cloud & Application Security

• Implement secure configurations and hardening of AWS infrastructure (IAM, EC2, S3, RDS, etc.).
• Ensure secure code practices via CI/CD pipelines, code reviews, and dependency scanning (GitHub, Jira).
• Support the engineering team with encryption, tokenization, and data integrity mechanisms.

Compliance & Risk

• Support compliance with relevant regulatory frameworks (local regulators, PCI-DSS, ISO
• Manage security documentation, audits, and incident response playbooks.
• Collaborate with legal and compliance teams on security requirements for licensing or audits.

Employee Security Enablement

• Lead security awareness training for employees (e.g., phishing, password hygiene, secure device usage).
• Manage identity and access management (IAM), two-factor authentication, and role-based access controls.

Requirements

• 3+ years of experience in information security, preferably in fin-tech, banking, or SaaS environments.
• Hands-on experience with cloud/on-site security.
• Familiarity with regulatory and compliance standards: local regulators, GDPR, PCI-DSS, ISO 27001.
• Proficient in tools such as Metabase, GitHub, Jira, SIEMs, firewalls, and endpoint protection systems.
• Strong knowledge of OWASP Top 10, encryption protocols, and authentication systems.
• Bachelor's degree in Computer Science, Information Security, or related fields.

Benefits

• Medical insurance coverage
• Social insurance
• Salary advance

check(event) ; career-website-detail-template-2 => ,meta)" mousedown="lyte-button => check(event)" final- final-class="lyte-button lyteBackgroundColorBtn lyteSuccess" lyte-rendered="">

Job No:

Location: Egypt

Role Profile:

The GRC Admin will be responsible in implementing, interpreting, and ensuring compliance with information security policies. Assess and prioritize cybersecurity risks, supporting regulatory compliance, and report security metrics, maintaining governance standards, conducting risk assessments for internal systems and third-party vendors, enforcing security policies, and advising leadership on risk strategies such as mitigation, reduction, transfer, exception handling, and residual risk analysis.

The Below Key Performance Areas include but are not limited to:

 Implement a data security & privacy risk reporting framework aligned with ISO standards.

Design and document controls to ensure compliance with regulatory and internal requirements.

acilitate remediation of control gaps and escalate critical issues to leadership.

anage exception review processes and ensure periodic documentation and review.

repare for and support regulatory examinations such as PCI DSS.

ollaborate with auditors and control owners to ensure timely completion of requests.

onitor and analyze information security metrics to evaluate program effectiveness.

onduct risk assessments to identify vulnerabilities in systems and third-party products.

ecommend and implement controls to mitigate identified security risks.

ommunicate risk findings and actionable recommendations to stakeholders.

upport workforce security initiatives including awareness and training programs.

acilitate eDiscovery and data collection for investigations of policy violations.

nalyze security incidents and coordinate remediation and awareness efforts.

ontribute to the development and lifecycle management of security policies and procedures.

ollaborate across the organization to implement and enforce security policies.

Knowledge:

nderstanding of ISO standards and frameworks for information security risk reporting.

nowledge of designing and implementing technical, administrative, and physical security controls.

amiliarity with regulatory compliance requirements (e.g., GDPR, PCI DSS) and audit processes.

xperience in managing exception handling processes and compliance documentation.

bility to evaluate and improve the effectiveness of information security programs using metrics.

roficiency in conducting and documenting information security risk assessments.

nowledge of risk mitigation strategies and control implementation.

trong communication skills to convey risk findings and recommendations to stakeholders.

wareness of workforce security practices, including training and awareness programs.

xperience with eDiscovery processes and handling policy violation investigations.

nalytical skills for incident analysis and coordination of remediation efforts.

nderstanding of policy development, lifecycle management, and enforcement.

bility to collaborate across departments to implement security policies effectively.

Experience:

years experience in Information Security Domain

raduation Degree/BTech, Computer Science

ecurity +, Networking, certifications is added advantage.

Skills:
br>
Strong knowledge of information security governance, risk assessment, and compliance frameworks (e.g., GDPR, PCI DSS).

bility to develop, implement, and manage security policies, controls, and awareness programs.

roficiency in conducting risk assessments and analysing security metrics to support decision-making.

xcellent communication and collaboration skills for working with leadership, auditors, and cross-functional teams.

Advertised: 10 Sep 2025

Application close: 11 Oct 2025

• Establish and maintain the organization's Cyber Defense methodology in line with security regulations and requirements.
• Obtain senior management endorsement for security policies, standards, and procedures by clearly articulating their benefits.
• Investigate cybersecurity incidents and violations, reporting findings and recommendations to the CISO.
• Respond rapidly and effectively to cybersecurity incidents in line with incident management processes.
• Prepare periodic performance reports based on analysis and correlation of security events.
• Oversee projects and deployments of security tools to ensure an effective security posture.
• Lead the Security Operations Center (SOC) team, including shift planning and operational tool implementation.
• Manage the Cyber Defense Centre and its resources to ensure operational effectiveness.
• Maintain the security of corporate information against all internal and external threats.
• Provide security input into the organization's strategic planning process and enterprise-level decisions.
• Implement and maintain the organization's information security program in alignment with business objectives.
• Raise major cybersecurity incidents directly to the CISO.

Requirements

• Bachelor's degree in Computer Science, Information Systems, or related field.
• 10+ years of experience in Information Security / Cyber Defense.
• Proven experience managing SOC teams and cyber defense operations.
• Strong knowledge of incident response, threat detection, and security monitoring.
• Hands-on expertise with SIEM, endpoint protection, and enterprise security tools.
• Relevant certifications (CISSP, CISM, CISA, or equivalent) preferred.
• Strong analytical, leadership, and communication skills.