Senior Cloud Security Engineer

Who Are We❓We Are Foodics! a leading restaurant management ecosystem and payment tech provider. Founded in 2014 with headquarter in Riyadh and offices across 5 countries, including UAE, Egypt, Jordan and Kuwait. We are currently serving customers and partners in over 35 different countries worldwide. Our innovative products have successfully processed over 6 billion (yes, billion with a B) orders so far! making Foodics one of the most rapidly evolving SaaS companies to ever emerge from the MENA region. Also Foodics has achieved three rounds of funding, with the latest raising $170 million in the largest SaaS funding round in MENA, boosting its innovation capabilities to better serve business owners.The Job in a NutshellWe are seeking a Senior Cloud Security Engineer to strengthen and secure our cloud environments and infrastructure. You will drive the implementation of zero-trust, least-privilege, and defense-in-depth principles while securing cloud workloads, identities, and network boundaries. The role involves monitoring threats, managing security controls such as WAF, DDoS, IAM, and KMS, and collaborating with Cloud, SRE, and Application Security teams to enforce secure architectures and guardrails. You will also support incident response, vulnerability management, and ensure compliance with security frameworks such as ISO 27001, NCA ECC, PCI-DSS, and SOC 2.What Will You Do❓Drive adoption of zero-trust, least privilege, and defense-in-depth principlesDrive secure baseline configurations for compute, storage, databases, and serverlessProactively participate in threat landscape monitoring using various threat intelligence and OSINT toolsWork closely with Cybersecurity team to perform attack surface management, vulnerability management and execute patch management proceduresContinuously assess and reduce identity risk (privilege creep, service identities) using PAM and IAM platformsPeriodic review of security logs from SIEM, WAF, CloudTrail and collaborate with outsourced MDR vendor for Incident management and reportingManagement of WAF, DDoS protection, and secure ingress/egress controlsWork closely with Application Security/QA in analyzing code level security findings using SAST/DAST tools and follow-up according to remediation plansManage cloud KMS, key lifecycle, and secrets management solutionsCollaborate with Cloud Engineers and SRE teams to define and enforce cloud guardrails using native policies and controlsDefine and maintain cloud security reference architectures, design patterns and document incident response play booksSupport audits and security assessments such as ISO27001, NCA ECC, SAMA CSF, PCI-DSS, SOC 2 and GPDRWhat Are We Looking For❓Strong expertise in IAM, network security, and cloud-native security controlsSolid understanding of containers, Kubernetes, and cloud-native workloadsExperienced working with DevSecOps practices and cultureHands‑on knowledge in deployment of Cloud or VM‑firewalls, AWS or Cloudflare WAF configuration, DDoS services, SSL‑VPN/IPSEC troubleshooting and supportFamiliarity in securing EC2 instances, S3 buckets, source code repo (GitHub), container registries, containers and Kubernetes clustersProven incident response experience in cloud environmentsAble to manage existing services for Cloudflare and AWS CloudFrontAble to integrate or ingest cloud logs and signals into SIEM/SOAR platformsStrong CLI and scripting automation using Python, Bash, PowerShell, Go, PHP, and cloud-native CLIAble to align with CSPM, CWPP, and CNAPP platformsPreferred QualificationsEducation: Bachelor's degree in Computer Science, Engineering or Cybersecurity6-7 years combined experience in Information Security, Cybersecurity Analyst/SOC, Cloud Security & Incident Response rolesHaving any of these industry cloud security certifications:AWS Certified Security - SpecialtyGoogle Professional Cloud Security EngineerMicrosoft Azure Security Engineer Associate (AZ-500)CompTIA Security+ or Cloud+CSA Certificate of Cloud Security Knowledge (CCSK)GIAC Public Cloud Security (GPCS)(ISC)² Certified Cloud Security Professional (CCSP)Managing complex IAM deployments such as multi‑cloud environments or hybrid identitiesExperience in securing multi‑cloud for a Fintech or Financial institutionWhat We Offer YouWe offer highly competitive compensation packages, including bonuses and the potential for sharesWe prioritize personal development and offer regular training and an annual learning stipend to tackle new challenges and grow your career in a hyper‑growth environmentJoin a talented team of over 30 nationalities working in 14 countries, and gain valuable experience in an exciting industryWe offer autonomy, mentoring, and challenging goals that create incredible opportunities for both you and the company#J-18808-Ljbffr