Senior InfoSec Compliance & Terraform Engineer - Banking
Posted about 19 hours ago
Location: Cairo, Egypt (100% On-Premise)
Contract Duration: 12 Months (Renewable)
Employment Type: Contract
About us:
Where elite tech talent meets world-class opportunities!
At Xenon7, we work with leading enterprises and innovative startups on exciting, cutting-edge projects that leverage the latest technologies across various domains of IT including Data, Web, Infrastructure, AI, and many others. Our expertise in IT solutions development and on-demand resources allows us to partner with clients on transformative initiatives, driving innovation and business growth. Whether it's empowering global organizations or collaborating with trailblazing startups, we are committed to delivering advanced, impactful solutions that meet today’s most complex challenges.
About the Client:
Join one of Egypt’s largest financial institutions, widely recognized as a historic pillar of the national economy with a legacy spanning over a century. Serving a massive and dynamic clientele, the institution operates an extensive network of over 800 domestic branches alongside a powerful and growing global presence. Renowned for its comprehensive ecosystem of financial services, including Corporate, Retail, Investment, and Islamic Banking, we are currently spearheading one of the region's most ambitious digital transformation journeys. We are fully committed to leveraging cutting-edge cloud technologies, secure automation pipelines, and next-generation data architectures to redefine modern banking performance and service delivery.
Job Summary:
This role exists to accelerate and automate the information security compliance posture across IT and Digital Transformation. The specialist acts as the InfoSec function's technical compliance arm, integrating regulatory requirements (CBE, PCI DSS) directly into modern infrastructure deployment frameworks. By leveraging Infrastructure as Code (IaC) via Terraform, this role ensures that security controls are automated, audited, and embedded into the foundations of our virtualized and automated environments.
Key Responsibilities:
- Maintain a live compliance tracker mapped directly to Terraform deployment templates across active CBE Cyber security Framework control domains, including IAM, PAM, and Network Segmentation.
- Define and enforce Compliance-as-Code policies, ensuring all virtualized and cloud infrastructure provisioned via Terraform inherently adheres to banking regulations and internal control commitments.
- Conduct regular technical walkthroughs and automated code reviews with IT and DevOps teams to validate security control implementation status and proactively close evidence gaps.
- Lead the end-to-end PCI DSS engagement cycle, taking ownership of scoping, gap assessments, and remediation tracking to achieve full Report on Compliance (RoC) readiness.
- Coordinate cross-functionally to ensure cardholder data environment (CDE) controls are rigidly implemented, version-controlled, and maintained using secure, standardized Terraform modules.
- Manage relationships with appointed Qualified Security Assessors (QSAs) and regulatory bodies, leveraging automated validation logs and deployment state files to streamline the audit lifecycle.
- Audit, review, and approve Terraform scripts and modules to eliminate infrastructure security misconfigurations, such as overly permissive IAM policies, unencrypted storage, or exposed network ports.
- Integrate and manage static application security testing (SAST) tools for Infrastructure as Code (such as Checkov, Tfsec, or Sentinel) directly into the deployment pipeline to flag compliance violations before production.
- Standardize baseline security hardening configurations and access matrices across virtualized environments, translating administrative corporate policies into automated architectural guardrails.
- Plan and execute continuous internal security assurance exercises—including configuration testing and access reviews—while scoping and managing specialized third-party penetration testing and cloud security assessment vendors.
Requirements
- Professional Experience: Minimum 7 years of information security experience, with at least 3 years operating within a major banking or financial institution under Central Bank of Egypt (CBE) oversight.
- Hands-on Terraform Expertise: A proven, practical track record of writing, auditing, and managing production-grade Terraform scripts to provision secure infrastructure and enforce baseline system hardening.
- Regulatory Mastery: Deep, applied knowledge of the CBE Cybersecurity Framework and PCI DSS obligations, including active, hands-on participation in at least one full RoC or SAQ-D assessment cycle.
- DevSecOps & Pipeline Tooling: Practical familiarity with modern version control workflows (Git/GitHub), CI/CD pipelines, and static application security testing (SAST) tools for Infrastructure as Code, such as Checkov, Tfsec, or HashiCorp Sentinel.
- Technical Infrastructure Assurance: Strong background in conducting automated and manual configuration reviews, risk assessments, and compliance gap testing across network layers, applications, and virtualized/cloud environments.
- Communication & Language: Exceptional technical reporting skills with the ability to translate complex security risks into clear executive or regulatory language, with fluent professional proficiency in both Arabic and English.
Benefits
- Attractive, market-leading salary package
- Clear career advancement path with professional development opportunities
Other open roles at Xenon7(6)
Use Xenon Bot to Backup, archive, copy, clone or synchronize your Discord server and take advantage of hundreds of free templates.
Jobr aggregates jobs directly from company career portals — no middlemen. Our team applies on your behalf with AI-tailored resumes, reviewed by a human before submission.