72 Security Systems jobs in Egypt

1. Design, Implement & maintain Cloud Security Measures for public/private Cloud Infrastructure Platforms. This includes Securing Virtual Machines, storage Systems, Networks or Cloud Resources.

Develop and maintain security baselines for all information systems and ensure regular maintenance and update of all baselines inventory bank wide.

Perform regular baseline scans or reviews as applicable to ensure compliance with the developed security baselines and follow up on mitigating the identified gaps/findings

Support the implementation of the different security projects and initiatives through defining the necessary security requirements in full alignment with the security policies and industry requirements.

Contribute to the design and implementation of security controls & technologies including but not limited to firewalls, intrusion detection/prevention systems, access controls and cryptographic mechanisms to strengthen the bank security posture

Conduct comprehensive reviews for security controls & configurations in alignment with Banks' policy, compliance & regulation mandates and industry best practices

Effectively participate in the change and release management process to ensure adequate security controls are applied before go-live

Review and approve access control requests over different technology platforms/ and network security infrastructure to ensure adequate application of the approved security policies (e.g., Firewall rules change review).

Participate in the new server provisioning process to ensure conducting the needed security checks and ensure closure of any identified gaps before production deployment.

Ensure proper management and enforcement of privileged accounts over different technology layers (Operating System, Database, Application) including account designation, and implementation of privileged access control requirements.

Review and approve privileged access related requests including but not limited to (generic accounts creation, PAM access, access to existing accounts, etc.).

Assess and provide recommendations for IT & Cyber security policy deviation requests and ensure proper tracking of the same.

Bachelor's degree in Computer Science, Information Security, or a related field. A master's degree is preferred.

 for the senior) years of proven experience in security domains

Strong knowledge of Operating Systems Principals, secure design principles, and common security vulnerabilities

as strong technical experience and knowledge of several cyber security technologies including firewalls, IDS/IPS, DLP, End Point Security, Data Encryption, Database Security, Web/Email Filtering vulnerability scanners, code analysis tools, etc.

nowledge of industry regulations and standards such as CIS benchmark, ISO 27001, NIST, OWASP, etc.

xperience conducting security assessments, vulnerability testing, and risk assessments.

Mandatory Certification:

ISSP

CSP or CCSE

echnical Certification ex. Cisco, Palo Alto, F5, etc.

Recommended Certification:

ISM

SSLP

EH

ecurity+

IAC Certificates

trong communication and presentation skills

trong problem-solving and analytical skills

roficient verbal and written English

ime Management skills

1. Design, Implement & maintain Cloud Security Measures for public/private Cloud Infrastructure Platforms. This includes Securing Virtual Machines, storage Systems, Networks or Cloud Resources.

Develop and maintain security baselines for all information systems and ensure regular maintenance and update of all baselines inventory bank wide.

Perform regular baseline scans or reviews as applicable to ensure compliance with the developed security baselines and follow up on mitigating the identified gaps/findings

Support the implementation of the different security projects and initiatives through defining the necessary security requirements in full alignment with the security policies and industry requirements.

Contribute to the design and implementation of security controls & technologies including but not limited to firewalls, intrusion detection/prevention systems, access controls and cryptographic mechanisms to strengthen the bank security posture

Conduct comprehensive reviews for security controls & configurations in alignment with Banks' policy, compliance & regulation mandates and industry best practices

Effectively participate in the change and release management process to ensure adequate security controls are applied before go-live

Review and approve access control requests over different technology platforms/ and network security infrastructure to ensure adequate application of the approved security policies (e.g., Firewall rules change review).

Participate in the new server provisioning process to ensure conducting the needed security checks and ensure closure of any identified gaps before production deployment.

Ensure proper management and enforcement of privileged accounts over different technology layers (Operating System, Database, Application) including account designation, and implementation of privileged access control requirements.

Review and approve privileged access related requests including but not limited to (generic accounts creation, PAM access, access to existing accounts, etc.).

Assess and provide recommendations for IT & Cyber security policy deviation requests and ensure proper tracking of the same.

Bachelor's degree in Computer Science, Information Security, or a related field. A master's degree is preferred.

 for the senior) years of proven experience in security domains

Strong knowledge of Operating Systems Principals, secure design principles, and common security vulnerabilities

as strong technical experience and knowledge of several cyber security technologies including firewalls, IDS/IPS, DLP, End Point Security, Data Encryption, Database Security, Web/Email Filtering vulnerability scanners, code analysis tools, etc.

nowledge of industry regulations and standards such as CIS benchmark, ISO 27001, NIST, OWASP, etc.

xperience conducting security assessments, vulnerability testing, and risk assessments.

Mandatory Certification:

ISSP

CSP or CCSE

echnical Certification ex. Cisco, Palo Alto, F5, etc.

Recommended Certification:

ISM

SSLP

EH

ecurity+

IAC Certificates

trong communication and presentation skills

trong problem-solving and analytical skills

roficient verbal and written English

ime Management skills

Requirements:

• Bachelor's degree in Computer Engineering, Information Technology, or related field.

• 1–2 years of relevant experience in Information Security operations.

• Knowledge of networking, operating systems (Windows/Linux).

• Certifications such as CCNA, MCSA, or Linux are a plus.

• Good understanding of firewalls and endpoint security solutions.

• Strong problem-solving and analytical skills.

• Applicants must be residents of Alexandria.

Job Duties:

• Implement and monitor security measures to protect computer systems, networks, and information.

• Identify and define system security requirements.

• Design security architecture and develop detailed cybersecurity designs.

• Manage and troubleshoot firewalls, endpoint security, and related security tools.

• Respond to and investigate security incidents.

If you are interested, kindly send your updated CV to with email subject Information Security Engineer

About Us

We're a growing
fintech startup
reimagining secure financial systems. Security is not a department — it's a culture. We're looking for an engineer who thrives at the intersection of
development, operations, and security
— someone eager to help us
shift security left
and embed it into our
SDLC
.

About the Role

As a
Security Software Engineer
, you will play a key role in securing our systems from design to deployment. You will work closely with engineers, DevOps, and product teams to
integrate security practices
, ensure
cloud and infrastructure safety
, and support
compliance initiatives
like ISO or PCI DSS.

What You'll Do

• Embed security throughout the
  software development lifecycle (SDLC)
• Build and maintain
  security tools
  , scripts, and automations
• Integrate security controls into CI/CD pipelines
• Conduct threat modelling, secure code reviews, and vulnerability assessments
• Monitor and respond to incidents using
  SOC tools
  (e.g., Wazuh, Suricata, OSSIM)
• Support and enforce
  cloud security best practices
  (AWS/Azure)
• Collaborate with engineers to
  raise security awareness
  and fix vulnerabilities
• Participate in and contribute to
  ISO 27001, PCI DSS
  , and similar processes
• Document security standards and provide internal training

What We're Looking For

• 3+ years in
  security engineering
  , DevSecOps, or a similar role
• Strong familiarity with
  SDLC security practices and shift-left approach
• Experience with one or more
  programming/scripting languages
  (C#, Python, Bash, etc.)
• Experience working with
  Agile and XP teams
• Hands-on experience with
  SOC tools
  , SIEM, and log correlation
• Good grasp of
  cloud security (IAM, encryption, networking)
• Familiar with
  DevOps tooling
  (CI/CD, Docker, IaC, etc.)
• Solid foundation in
  networking protocols, firewalls, VPNs
• Competence with
  Git-based workflows
• Contributed to or maintained parts of
  ISO 27001, PCI DSS
  , or SOC2 programs

Nice to Have

• Certifications:
  Security+
  ,
  CISSP
  ,
  OSCP
  ,
  CEH
  , or cloud security credentials
• Experience with
  threat intelligence
  ,
  attack simulation tools
  , or
  bug bounty triage
• Exposure to
  Zero Trust architectures
• Familiarity with tools like
  Trivy, Checkov, Snyk, Owasp ZAP
• Experience in
  incident response and postmortems

Why Join Us?

• Flexible hours, outcome-based work
• Culture of transparency, agility, and collaboration
• Work with a team that values
  security as code
• High-impact role in shaping secure fintech systems
• A strong platform for
  growth, innovation, and leadership

Job No:

Location: Egypt

Role Profile:

The GRC Lead – Privacy, Risk & Access Management will play a pivotal role in strengthening Alshaya Group's governance, risk, and compliance posture with a core focus on data privacy, enterprise risk management, and identity & access governance. This role will also lead and support cross-functional security projects such as SSO integration and user access reviews, ensuring secure, compliant, and business-aligned identity practices across the enterprise.

The Below Key Performance Areas include but are not limited to:

 Develop and implement privacy and data protection policies aligned with GDPR, KVKK, PDPL, and other regional regulations.

Conduct DPIAs, PIAs, and privacy risk assessments to ensure responsible data handling.

anage enterprise risk through a structured Risk Management Framework and maintain the Enterprise Risk Register.

efine and enforce IAM policies including RBAC, SoD, and user access reviews.

ead or support IAM initiatives such as SSO integrations, PAM implementations, and access certification campaigns.

lign GRC and IAM practices with standards like ISO 27001, NIST, PCI DSS, and SOX.

acilitate internal and external audits, assessments, and third-party reviews.

versee GRC tools and privacy platforms (e.g., Archer, OneTrust, ServiceNow GRC).

rive cross-functional projects including policy harmonization and audit remediation.

repare executive-level reports and dashboards for governance and compliance oversight.

ct as a liaison for privacy, risk, and IAM discussions across departments.

romote GRC awareness and training across the organization.

Knowledge:

trong understanding of global privacy regulations (e.g., GDPR, KVKK, PDPL) and data protection principles.

n-depth knowledge of enterprise risk management frameworks and risk assessment methodologies.

amiliarity with IAM concepts including RBAC, SoD, SSO, PAM, and identity lifecycle management.

xperience with compliance standards such as ISO 27001, NIST, PCI DSS, and SOX.

roficiency in using GRC and privacy management tools (e.g., Archer, OneTrust, ServiceNow GRC).

bility to lead cross-functional projects and integrate GRC, IAM, and privacy workflows.

trong stakeholder engagement and communication skills for executive and cross-departmental collaboration.

nalytical skills for conducting DPIAs, PIAs, and interpreting KRIs and audit findings.

nowledge of authentication protocols (e.g., SAML, OIDC) and identity governance best practices.

xperience in managing DSARs, breach responses, and audit readiness activities.

Experience:

-7 years experience in Information Security Domain

achelor's degree in Information Security, Computer Science, Risk Management, or related field. Master's degree or MBA is a plus.

IPP/E, CIPM, or other IAPP certifications; CRISC, CISA, or ISO 27001 Lead Implementer; Identity and Access certifications such as Azure, Okta, or SailPoint; ITIL or PMP for project management is a plus.

Skills:
br>
Strong understanding of IAM principles, SSO protocols (SAML, OIDC), and identity lifecycle.

nowledge of privacy regulations and enterprise risk frameworks.

xcellent stakeholder management, communication, and cross-functional collaboration skills.

roficient in GRC tools , Privacy Tools & Access management platforms.

Advertised: 10 Sep 2025

Application close: 11 Oct 2025

About Us
NowPay (YC W21) is a FinTech startup building a financial-wellness platform for employees in emerging markets. Saving, spending, budgeting and borrowing. Those are the 4 pillars of financial-wellness. NowPay aims to improve every aspect of those for employees by building products that tackle every vertical.

NowPay enables employees to get their salaries in advance at any point in time during the month and also pay their bills instantly. NowPay is backed by YCombinator, 500 Startups, BECO Capital, Global Ventures, Endure, Plug and Play, MSA Capital, 4dx, Foundation Ventures, EFG and Beltone.

Job Description
Role Summary:
We are seeking a skilled and proactive Information Security Engineer to lead and scale NowPay's cybersecurity posture. This role is critical to securing sensitive employee financial data, ensuring the integrity of salary disbursement systems, and supporting regulatory compliance (e.g. local regulators, PCI-DSS, and GDPR). The successful candidate will be responsible for designing and enforcing best-in-class security practices across our platforms, cloud infrastructure, and internal processes.

Key Responsibilities
Security Strategy & Architecture

• Define and continuously improve NowPay's information security strategy, policies, and controls across all layers (cloud, app, infrastructure).
• Lead threat modeling and risk assessment activities for new and existing systems.
• Ensure secure design of new fin-tech products including salary advance, BNPL, and bill payment services.

Vulnerability Management & Monitoring

• Conduct regular security assessments, vulnerability scans, and penetration testing.
• Monitor and respond to security incidents, collaborating with engineering and DevOps teams for resolution.
• Maintain and enhance audit logging, intrusion detection, and alerting systems.

Cloud & Application Security

• Implement secure configurations and hardening of AWS infrastructure (IAM, EC2, S3, RDS, etc.).
• Ensure secure code practices via CI/CD pipelines, code reviews, and dependency scanning (GitHub, Jira).
• Support the engineering team with encryption, tokenization, and data integrity mechanisms.

Compliance & Risk

• Support compliance with relevant regulatory frameworks (local regulators, PCI-DSS, ISO
• Manage security documentation, audits, and incident response playbooks.
• Collaborate with legal and compliance teams on security requirements for licensing or audits.

Employee Security Enablement

• Lead security awareness training for employees (e.g., phishing, password hygiene, secure device usage).
• Manage identity and access management (IAM), two-factor authentication, and role-based access controls.

Requirements

• 3+ years of experience in information security, preferably in fin-tech, banking, or SaaS environments.
• Hands-on experience with cloud/on-site security.
• Familiarity with regulatory and compliance standards: local regulators, GDPR, PCI-DSS, ISO 27001.
• Proficient in tools such as Metabase, GitHub, Jira, SIEMs, firewalls, and endpoint protection systems.
• Strong knowledge of OWASP Top 10, encryption protocols, and authentication systems.
• Bachelor's degree in Computer Science, Information Security, or related fields.

Benefits

• Medical insurance coverage
• Social insurance
• Salary advance

check(event) ; career-website-detail-template-2 => ,meta)" mousedown="lyte-button => check(event)" final- final-class="lyte-button lyteBackgroundColorBtn lyteSuccess" lyte-rendered="">

Job No:

Location: Egypt

Role Profile:

The GRC Admin will be responsible in implementing, interpreting, and ensuring compliance with information security policies. Assess and prioritize cybersecurity risks, supporting regulatory compliance, and report security metrics, maintaining governance standards, conducting risk assessments for internal systems and third-party vendors, enforcing security policies, and advising leadership on risk strategies such as mitigation, reduction, transfer, exception handling, and residual risk analysis.

The Below Key Performance Areas include but are not limited to:

 Implement a data security & privacy risk reporting framework aligned with ISO standards.

Design and document controls to ensure compliance with regulatory and internal requirements.

acilitate remediation of control gaps and escalate critical issues to leadership.

anage exception review processes and ensure periodic documentation and review.

repare for and support regulatory examinations such as PCI DSS.

ollaborate with auditors and control owners to ensure timely completion of requests.

onitor and analyze information security metrics to evaluate program effectiveness.

onduct risk assessments to identify vulnerabilities in systems and third-party products.

ecommend and implement controls to mitigate identified security risks.

ommunicate risk findings and actionable recommendations to stakeholders.

upport workforce security initiatives including awareness and training programs.

acilitate eDiscovery and data collection for investigations of policy violations.

nalyze security incidents and coordinate remediation and awareness efforts.

ontribute to the development and lifecycle management of security policies and procedures.

ollaborate across the organization to implement and enforce security policies.

Knowledge:

nderstanding of ISO standards and frameworks for information security risk reporting.

nowledge of designing and implementing technical, administrative, and physical security controls.

amiliarity with regulatory compliance requirements (e.g., GDPR, PCI DSS) and audit processes.

xperience in managing exception handling processes and compliance documentation.

bility to evaluate and improve the effectiveness of information security programs using metrics.

roficiency in conducting and documenting information security risk assessments.

nowledge of risk mitigation strategies and control implementation.

trong communication skills to convey risk findings and recommendations to stakeholders.

wareness of workforce security practices, including training and awareness programs.

xperience with eDiscovery processes and handling policy violation investigations.

nalytical skills for incident analysis and coordination of remediation efforts.

nderstanding of policy development, lifecycle management, and enforcement.

bility to collaborate across departments to implement security policies effectively.

Experience:

years experience in Information Security Domain

raduation Degree/BTech, Computer Science

ecurity +, Networking, certifications is added advantage.

Skills:
br>
Strong knowledge of information security governance, risk assessment, and compliance frameworks (e.g., GDPR, PCI DSS).

bility to develop, implement, and manage security policies, controls, and awareness programs.

roficiency in conducting risk assessments and analysing security metrics to support decision-making.

xcellent communication and collaboration skills for working with leadership, auditors, and cross-functional teams.

Advertised: 10 Sep 2025

Application close: 11 Oct 2025

• Establish and maintain the organization's Cyber Defense methodology in line with security regulations and requirements.
• Obtain senior management endorsement for security policies, standards, and procedures by clearly articulating their benefits.
• Investigate cybersecurity incidents and violations, reporting findings and recommendations to the CISO.
• Respond rapidly and effectively to cybersecurity incidents in line with incident management processes.
• Prepare periodic performance reports based on analysis and correlation of security events.
• Oversee projects and deployments of security tools to ensure an effective security posture.
• Lead the Security Operations Center (SOC) team, including shift planning and operational tool implementation.
• Manage the Cyber Defense Centre and its resources to ensure operational effectiveness.
• Maintain the security of corporate information against all internal and external threats.
• Provide security input into the organization's strategic planning process and enterprise-level decisions.
• Implement and maintain the organization's information security program in alignment with business objectives.
• Raise major cybersecurity incidents directly to the CISO.

Requirements

• Bachelor's degree in Computer Science, Information Systems, or related field.
• 10+ years of experience in Information Security / Cyber Defense.
• Proven experience managing SOC teams and cyber defense operations.
• Strong knowledge of incident response, threat detection, and security monitoring.
• Hands-on expertise with SIEM, endpoint protection, and enterprise security tools.
• Relevant certifications (CISSP, CISM, CISA, or equivalent) preferred.
• Strong analytical, leadership, and communication skills.

Job No:

Location: Egypt

Role Profile:

Alshaya employed a dedicated security team to implement and maintain the organization's information security program. Typically, this group is led by a chief information officer. The security group is generally responsible for conducting risk management, a process through which vulnerabilities and threats to information assets are continuously assessed, and the appropriate protective controls are decided on and applied. The value of an organization lies within its information and its security is critical for business operations, as well as retaining credibility and earning the trust of clients.

Information security programs are built around the core objectives of the CIA triad: maintaining the confidentiality, integrity and availability of IT systems and business data.

The below Key Performance Areas include but are not limited to:

 Define risk governance strategy and ensure alignment with business objectives

Approve control frameworks and ensure cross-functional adoption

eport risk trends and remediation status to executive leadership

overn exception policy and ensure audit readiness

nsure audit outcomes drive continuous improvement

ead enterprise-wide audit planning and regulatory alignment

resent security metrics to board-level stakeholders

trategic alignment of risk assessments with business objectives

ponsor control initiatives and allocate resources

nfluence business decisions through risk intelligence

hampion security culture and workforce engagement

overn enterprise investigation protocols and legal coordination

wn Policy enforcement governance and regulatory reporting

efine policy governance and ensure enterprise alignment

ead enterprise-wide security programs and stakeholder alignment

efine exception handling strategy and oversee execution

Knowledge (Desired):

uthority on ISO governance and regulatory alignment, ensuring frameworks are embedded across the organization.

trategic oversight of control architecture, ensuring alignment with compliance requirements and business objectives.

xecutive-level communication of risk posture, security strategy, and compliance status to leadership and stakeholders.

eadership in compliance governance, regulatory engagement, and fostering a culture of accountability.

ffective stakeholder communication and coordination during investigations and legal holds.

versight of performance measurement, continuous improvement, and reporting of security and compliance KPIs.

eads enterprise risk alignment, facilitates risk assessments, and engages executive stakeholders in mitigation strategies.

overns the full policy lifecycle, ensuring strategic alignment and enforcement of security policies.

eads enterprise-wide compliance and risk mitigation programs through cross-functional collaboration.

versees breach response, including senior management notification and crisis management coordination.

Experience

0 – 15 Years of Experience

 Manager
br>
Professional Certification: CISM, CGEIT, ISO 27001 Lead Auditor, CIPM, CRISC, CISA PCI ISA

Skills:

roficient in Risk Management: Skilled in identifying, evaluating, and mitigating enterprise-level risks.

ands-on experience with GRC tools: Practical knowledge of platforms such as Archer, ServiceNow GRC, or equivalent for managing governance, risk, and compliance workflows.

trategic oversight of security controls: Ability to design, implement, and monitor control frameworks aligned with regulatory standards.

xpertise in ISO and regulatory frameworks: Deep understanding of ISO standards and global compliance requirements (e.g., GDPR, PCI DSS).

olicy governance: Capable of managing the full lifecycle of security policies and ensuring strategic alignment with business objectives.

ompliance leadership: Drives compliance awareness and engagement across departments, including regulatory liaison.

isk communication: Communicates risk posture and mitigation strategies effectively to executive leadership and stakeholders.

ncident response coordination: Leads breach response efforts, including senior management notification and crisis handling.

erformance metrics and evaluation: Oversees the development and tracking of key performance indicators for continuous improvement.

ross-functional collaboration: Leads enterprise-wide initiatives for compliance, risk mitigation, and audit readiness.

Advertised: 10 Sep 2025

Application close: 11 Oct 2025