Cyber Security Engineer

About us

Tamara is the leading fintech platform in Saudi Arabia and the wider GCC region with a mission to help people make their dreams come true by building the most customer-centric financial super-app on earth. The company serves millions of users in the region and partners with leading global and regional brands such as SHEIN, Jarir, noon, IKEA and Amazon, as well as small and medium businesses.

Tamara is Saudi’s first fintech unicorn and is backed by Sanabil Investments, SNB Capital, Checkout.com, amongst others, operating out of its headquarters in Riyadh, Saudi Arabia with other regional and global support offices.

Your Role

Tamara is seeking a Cyber Security Engineer to join our growing Cyber Security team. In this role, you will support the design, implementation, and maintenance of secure infrastructure and systems to protect Tamara’s platform and customers. You will contribute to initiatives that ensure best practices in cloud security, application security, and secure software development are embedded into our systems from the ground up.

This role requires a foundational understanding of security principles such as threat modeling, vulnerability management, and secure architecture. You will work closely with IT/Engineering, DevOps/Platform, and product teams to support security-by-design practices and help address evolving security risks. As an early-career engineer, you are expected to be hands-on, proactive in learning, and gradually take ownership of security improvements while contributing to the overall maturity of Tamara’s security operations.

Your Responsibilities

• Support the design, implementation, and continuous improvement of secure systems and infrastructure in alignment with Tamara’s security strategy.
• Participate in security assessments, threat modeling, and reviews for new and existing services.
• Identify, investigate, and support remediation of vulnerabilities across code, containers, endpoints, and cloud environments.
• Collaborate with engineering teams to help embed security controls within CI/CD pipelines and development workflows.
• Assist with the deployment, configuration, and maintenance of security tools such as SIEM, EDR, and vulnerability scanners.
  
  
• Review system designs and code changes to help identify security risks and ensure alignment with security best practices.
• Support monitoring, analysis, and response to security events in coordination with SOC and incident response processes.
• Contribute to documentation, runbooks, and security procedures, and continuously develop technical security skills.

Your Expertise

• 0–3 years of experience in Cyber Security, IT Security, DevSecOps, or a related technical role.
• Basic understanding of secure coding practices and common vulnerability types (e.g., OWASP Top 10).
• Exposure to cloud environments (e.g., GCP, OCI, AWS) with interest in security hardening and secure configurations.
• Familiarity with containers or containerized environments (e.g., Docker, Kubernetes) is a plus.
• Foundational knowledge of security frameworks or standards such as SAMA CSF, NCA, ISO 27001, or NIST.
• Experience with scripting or automation (Python, Bash, or similar) for basic security or operational tasks.
• Strong problem-solving skills, willingness to learn, and ability to collaborate effectively with cross-functional teams.
• Entry-level or early-career security certifications (or active pursuit of them) such as eJPT, ICSI CPT / CPPT, CEH, or cloud security certifications (GCP or AWS), are a plus.

All qualified individuals are encouraged to apply.

To learn more about how we protect your privacy, please visit our Candidate privacy notice.