Broxer
Join
A

Cybersecurity Expert

Astra Tech

Abu Dhabi, United Arab Emirates · Full Time

Be the first to apply

Experience
5–8 yrs
Salary
Openings
1
Posted
13 hours ago

Where you'll work

Job description

About the Company

Astra Tech is a UAE-based consumer technology business focused on building the digital backbone for everyday life. Its work spans AI-driven fintech, communications, and digital services, with a design approach centered on simplicity and real human needs.

The company’s core platform, botim, combines secure voice calling with AI-powered features and day-to-day money tools. Through botim money, it delivers financial services for individuals and SMEs, helping make payments, transfers, and credit more accessible. The platform currently reaches more than 150 million users globally. Its lending engine, Quantix, supports regulated, fast credit products across the ecosystem, including CashNow for instant access.

From communication to credit, the organization is focused on improving connectivity and financial inclusion across the region.

Role Summary

This position calls for a practical, technically strong cybersecurity specialist with advanced knowledge of offensive security, secrets management, and secure platform engineering. The role is centered on hands-on execution across cloud security, key and identity protection, red and blue team activities, DevSecOps integration, and resilience validation.

The successful candidate will be expected to design and implement security controls, test them through adversarial methods, and embed them into modern cloud-native environments.

Core Responsibilities

The role covers a broad mix of cloud, offensive, operational, and engineering security work, including:

  • Strengthening Azure environments by hardening tenants and applying controls across Entra ID, Conditional Access, Defender for Cloud, NSGs, Private Link, Key Vault, Policy, Blueprints, landing zone patterns, and CIS/Microsoft Cloud Security Benchmark standards.
  • Building and running enterprise key and secrets management processes, including Azure Key Vault and Managed HSM, BYOK/HYOK, certificate handling, rotation, envelope encryption, and integration with PKI and application secret stores.
  • Implementing privileged access management solutions such as CyberArk, BeyondTrust, PAM360, or similar tools, including vault architecture, session isolation and recording, just-in-time and just-enough access, credential rotation, and Tier-0 protection for hybrid identities.
  • Planning and carrying out vulnerability assessments and penetration tests for web applications and REST/GraphQL APIs in line with OWASP Top 10, ASVS, and API Security Top 10, and preparing clear, risk-ranked reports for technical teams and stakeholders.
  • Embedding security into CI/CD pipelines across Azure DevOps, GitHub Actions, and GitLab using SAST, DAST, SCA, infrastructure-as-code scanning, container and image scanning, secrets detection, and policy-as-code practices.
  • Operating Microsoft Sentinel from end to end, including connector setup, KQL-based hunting, analytics and UEBA rules, watchlist management, SOAR automation through Logic Apps, incident triage, MITRE ATT&CK mapping, and threat-intelligence integration.

Required Qualifications

  • A bachelor’s degree in Computer Science, Information Security, Engineering, or a closely related field.
  • Between 5 and 8 years of hands-on experience in cybersecurity engineering or security operations in enterprise or service-provider environments.
  • Proven production experience securing Microsoft Azure workloads across multi-subscription and hybrid identity environments.
  • A strong history of performing web and API penetration tests and delivering formal findings to enterprise audiences.
  • Practical experience with Microsoft Sentinel and Microsoft Defender XDR, including KQL, analytics rule creation, and Logic Apps automation.
  • Working familiarity with PAM platforms, key vault or HSM technologies, Burp Suite Pro, CI/CD security tools, and IaC security tooling.

Additional Information

Location: Abu Dhabi, UAE

Employment: Full-time, onsite role

This opportunity is designed for a candidate who can operate at a deep technical level and contribute directly to security architecture, testing, operations, and automation across a cloud-first environment.

Note

No stipend or salary details were provided in the source information.

No vacancy count, start date, or application deadline was specified.

Skills

Web Application Security Penetration Testing API Security DevSecOps Threat Hunting SOC Operations Microsoft Sentinel Key management CI/CD security Privileged Access Management Azure cloud security KQL

Leave it if you'd like a reply — we won't use it for anything else.

Click to browse, drag & drop, or paste a screenshot

PNG, JPG, GIF, MP4, WebM, MOV · Max 20MB each · Up to 5 files