About SiFi

SiFi is a Saudi B2B fintech licensed by the Saudi Central Bank (SAMA), delivering wallet, disbursement, and payment services to enterprises across the Kingdom on Oracle Cloud Infrastructure. Our cybersecurity function is aligned to the SAMA Cybersecurity Framework and works hand-in-hand with Technology and Engineering.

Purpose of the Role

The Cybersecurity function sets security standards, monitors compliance, and reports to governance. The Technology department owns and operates the infrastructure those standards apply to. This role bridges the two — executing security controls on production and corporate infrastructure under the direction of Technology, with priorities aligned to security posture improvement and SAMA CSF requirements.

This is a hands-on technical role, not a policy or advisory position.

Core Responsibilities

Vulnerability & Patch Remediation

· Own technical remediation of infrastructure vulnerabilities across Windows, Linux, and network platforms.

· Track Critical and High findings to closure within remediation SLAs.

· Coordinate patching windows with SRE, application, and business owners.

Infrastructure Security Operations

· Apply and maintain hardening baselines for servers, endpoints, network devices, and cloud workloads.

· Maintain EDR, MDM, and DLP coverage across all in-scope assets — identify and close gaps.

· Remediate security gaps across server, endpoint, network, and cloud surfaces.

SOC / MDR Case Remediation

· Investigate SOC and MDR cases that require action on infrastructure.

· Determine root cause on the affected asset (server, endpoint, network, cloud).

· Apply technical fixes and close remediation actions in coordination with the SOC / MDR partner.

PAM & Privileged Access Implementation

· Onboard privileged accounts into the enterprise PAM platform.

· Remediate privileged access gaps across infrastructure (shared accounts, standing access, weak credential handling).

· Support secure administrative access practices for SRE, DBAs, and infrastructure operators.

Cloud Security Operations

· Operate Oracle Cloud Infrastructure (OCI) security controls — IAM policy, network security lists, security zones.

· Review and remediate OCI Cloud Guard findings on a continuous basis.

· Support secure cloud configuration during build and change activities.

Backup & Restore Security

· Own technical security controls on backup and restore infrastructure — access control, encryption, immutability, and segmentation across backup and recovery paths.

· Validate hardening of backup repositories and restore targets, and verify restored systems return to baseline before release.

· Execute security validation during restore-testing exercises — verify backup integrity, detect tampering, and confirm recovered systems are safe to return to service.

This role does not own BCP, DR strategy, RTO/RPO, or backup operations.

Assist Responsibilities

The following responsibilities have a primary owner outside Technology. This role supports execution where infrastructure access or change is required — it does not own the governance, process, or business decision.

Change Management

· Raise security-related change requests in the ITSM system.

· Attach security impact assessments, test results, and rollback evidence.

· Support emergency changes when a security incident requires accelerated execution.

Not the Change Manager.

User Access Reviews

· Extract access reports from infrastructure (AD, cloud, PAM, network devices).

· Implement approved access removals or modifications.

· Provide evidence of completion to the review owner.

Not the owner of the review process or business sign-off.

Segregation of Duties

· Implement approved technical remediation on infrastructure.

· Support investigation of suspected violations on infrastructure assets.

Not the owner of SoD governance or policy.

MDM Compliance

· Identify non-compliant or unenrolled devices.

· Coordinate enrollment and remediation with IT Support (primary owner).

Not the owner of endpoint support or device lifecycle.

Application Security Remediation

· Support remediation only when the fix requires infrastructure, IAM, network, cloud, or server changes.

Not the owner of code remediation.

Requirements

Requirements:

· 3–5 years in IT security operations, infrastructure security, or security engineering.

· Hands-on experience with the following tools and platforms used in this environment:

· Oracle Cloud Infrastructure (OCI) — security controls, IAM, network security, Cloud Guard (Must)

· Qualys VMDR for vulnerability and patch management

· ManageEngine Password Manager Pro (PMP) for privileged access management

· ManageEngine Endpoint Central for endpoint management and patching

· Strong Linux and Windows server administration, hardening, and patching experience.

· Working knowledge of identity and access management (Active Directory, MFA, RBAC, SoD principles).

· Ability to work across teams — this role sits in Technology but serves security objectives.

· Strong written and verbal communication in English; Arabic is a plus.

Preferred

· Experience in a regulated financial institution or fintech environment.

· Familiarity with CIS Benchmarks or vendor hardening guides.

· Exposure to ITSM platforms (e.g. ManageEngine ServiceDesk Plus) for change and incident workflows.