Cyber Security Engineer

JOB PURPOSE:Protect the payment platforms of Modupay, customer data and internal systems from any form of cyber-attacks by implementing security measures, detecting any gaps and reacting to any form of attacks.KEY ACCOUNTABILITIES:Develop, maintain, and enhance information security policies, standards, procedures, and secure configuration baselines.Plan, perform, and coordinate vulnerability assessments and penetration tests for internal, external, web, API, cloud, and mobile environments, and track remediation to closure.Execute security testing methodologies including reconnaissance, validation of findings, exploitation within approved scope, post-test reporting, and retesting of remediated issues.Develop, implement, and distribute incident response, escalation, and breach-handling procedures, and support investigations of security events.Monitor and analyze security alerts, threat intelligence, and attack trends, and communicate actionable risk information to technical and business stakeholders.Conduct control reviews to confirm adherence to security policies, operational procedures, and secure development and infrastructure practices.Support compliance with Egyptian data protection requirements, National Telecom Regulatory Authority cybersecurity obligations where applicable, PCI DSS, and relevant Central Bank of Egypt expectations for financial services.Work with IT, engineering, product, and third-party providers to remediate vulnerabilities, strengthen security architecture, and improve security posture across the environment.KNOWLEDGE, SKILLS & COMPETENCIES:Education BackgroundBachelor’s degree in Computer Science or Information Systems or EngineeringCompetenciesStrong understanding of computer science fundamentals, operating systems, networks, web technologies, databases, authentication, and common enterprise architectures.Hands-on capability to perform penetration testing and vulnerability assessments using recognized methodologies and secure reporting practices.Practical knowledge of web, API, network, cloud, Active Directory, and mobile security testing concepts, including validation of findings, risk rating, and remediation guidance.Experience with security operations concepts such as SIEM, DLP, EDR, incident response, threat hunting, perimeter defense, risk assessment, and security metrics.Strong understanding of adversary tactics, techniques, and procedures, threat modeling, kill chain analysis, and common attack paths used by cybercriminal and advanced threat actors.Ability to write clear technical reports and executive summaries, communicate risks effectively, and speak authoritatively to technical and non-technical audiences.Familiarity with the Egyptian cybersecurity and payments landscape, including digital banking, wallets, card environments, and local regulatory expectations.Relevant certifications preferred, such as OSCP, PNPT, eJPT, CEH Practical, GPEN, Security+, CySA+, or CISSP/SSCP, with at least one hands-on offensive security certification strongly preferred for roles performing penetration testing.Strong stakeholder management, ethics, discretion, and the ability to work within approved rules of engagement and documented authorization for testing activities.Language SkillsVery Good in writing and reading English languageYears of Experience2-3 YearsInternal StakeholdersCISO, Product, Compliance, IT Operations, Legal, HRExternal StakeholdersExternal auditors, penetration testing vendors, regulators, payment partners, and relevant Egyptian authorities and industry bodies.