Senior Cloud Security Engineer

Who Are We❓
We Are Foodics! a leading restaurant management ecosystem and payment tech provider. Founded in 2014 with headquarter in Riyadh and offices across 5 countries, including UAE, Egypt, Jordan and Kuwait. We are currently serving customers and partners in over 35 different countries worldwide. Our innovative products have successfully processed over 6 billion (yes, billion with a B) orders so far! making Foodics one of the most rapidly evolving SaaS companies to ever emerge from the MENA region. Also Foodics has achieved three rounds of funding, with the latest raising $170 million in the largest SaaS funding round in MENA, boosting its innovation capabilities to better serve business owners.

The Job in a Nutshell💡

We are seeking a Senior Cloud Security Engineer to strengthen and secure our cloud environments and infrastructure.
You will drive the implementation of zero-trust, least-privilege, and defense-in-depth principles while securing cloud workloads, identities, and network boundaries. The role involves monitoring threats, managing security controls such as WAF, DDoS, IAM, and KMS, and collaborating with Cloud, SRE, and Application Security teams to enforce secure architectures and guardrails. You will also support incident response, vulnerability management, and ensure compliance with security frameworks such as ISO 27001, NCA ECC, PCI-DSS, and SOC 2.

What Will You Do❓

• Drive adoption of zero-trust, least privilege, and defense-in-depth principles.
• Drive secure baseline configurations for compute, storage, databases, and serverless.
• Proactively participate in threat landscape monitoring using various threat intelligence and OSINT tools.
• Work closely with Cybersecurity team to perform attack surface management, vulnerability management and executing patch management procedures.
• Continuously assess and reduce identity risk (privilege creep, service identities) using PAM and IAM platforms.
• Periodic review of security logs from SIEM, WAF, CloudTrail and collaborating with outsourced MDR vendor for Incident management and reporting.
• Management of WAF, DDoS protection, and secure ingress/egress controls.
• Work closely with Application Security/QA in analyzing code level security findings using SAST/DAST tools and follow-up according to remediation plans.
• Manage cloud KMS, key lifecycle, and secrets management solutions.
• Collaborate with Cloud Engineers and SRE teams to define and enforce cloud guardrails using native policies and controls.
• Define and maintain cloud security reference architectures, design patterns and documenting incident response play books.
• Support audits and security assessments such as ISO27001, NCA ECC, SAMA CSF, PCI-DSS, SOC 2 and GPDR.
What Are We Looking For❓

• Strong expertise in IAM, network security, and cloud-native security controls.
• Solid understanding of containers, Kubernetes, and cloud-native workloads.
• Experienced working with DevSecOps practices and culture.
• Hands-on knowledge in deployment of Cloud or VM-firewalls, AWS or Cloudflare WAF configuration, DDoS services, SSL-VPN/IPSEC troubleshooting and support.
• Familiarity in securing EC2 instances, S3 buckets, source code repo (GitHub), container registries, containers and Kubernetes clusters.
• Proven incident response experience in cloud environments.
• Able to manage existing services for Cloudflare and AWS CloudFront.
• Able to integrate or ingest cloud logs and signals into SIEM/SOAR platforms.
• Strong CLI and scripting automation using Python, Bash, PowerShell, Go, PHP, and cloud-native CLI.
• Able to align with CSPM, CWPP, and CNAPP platforms.
Preferred Qualifications:

• Education: Bachelor’s degree in Computer Science, Engineering or Cybersecurity.
• 6-7 years combined experience in Information Security, Cybersecurity Analyst/SOC, Cloud Security & Incident Response roles.
• Having any of these industry cloud security certifications:
• AWS Certified Security – Specialty
• Google Professional Cloud Security Engineer
• Microsoft Azure Security Engineer Associate (AZ-500)
• CompTIA Security+ or Cloud+
• CSA Certificate of Cloud Security Knowledge (CCSK)
• GIAC Public Cloud Security (GPCS)
• (ISC)² Certified Cloud Security Professional (CCSP)
• Managing complex IAM deployments such as multi-cloud environments or hybrid identities.
• Experience in securing multi-cloud for a Fintech or Financial institution.What We Offer You❗
We believe you will love working at Foodics!

• We offer highly competitive compensation packages, including bonuses and the potential for shares.
• We prioritize personal development and offer regular training and an annual learning stipend to tackle new challenges and grow your career in a hyper-growth environment.
• Join a talented team of over 30 nationalities working in 14 countries, and gain valuable experience in an exciting industry.
• We offer autonomy, mentoring, and challenging goals that create incredible opportunities for both you and the company.