Cyber Security Specialist

Senior

6–10 Years

Lahore, Pakistan (On-Site)

The Role

What You Will Do

• Review the system architecture from a security perspective at the start of Phase 1, identifying risks and recommending mitigations before code is written
• Define and enforce data encryption standards across the platform — AES-256 at rest, TLS 1.3 in transit — and validate implementation compliance
• Design the AI-specific security framework: prompt injection prevention, data leakage controls on LLM outputs, adversarial input handling, and guardrails on the service account that executes user actions
• Conduct and manage quarterly penetration testing, working with internal and external testers, documenting findings, and driving remediation to closure
• Assess and harden the Azure Active Directory (Entra ID) configuration — MFA policy, conditional access, service principal permissions, and RBAC across all resources
• Review the API Gateway and microservices layer for common vulnerabilities — injection attacks, broken access control, insecure direct object references, and API-specific threat vectors
• Evaluate and advise on the hybrid connectivity model between the Azure-hosted portal and the on-premises SAP environment, identifying exposure in the integration layer
• Define data classification and retention policies by category (HR data, AI conversation logs, generated documents) and validate enforcement in the data layer
• Prepare and maintain documentation required for SOC 2 Type II compliance or equivalent, and support the formal audit process
• Monitor for security incidents during the post-launch support period, triage alerts, and coordinate response when required

What We Are Looking For

• 6 to 10 years of cyber security experience, with a meaningful portion spent on cloud-hosted enterprise systems rather than purely on-premises environments
• Strong Azure security expertise — Microsoft Defender for Cloud, Azure Sentinel or equivalent SIEM, Key Vault, Entra ID security configuration, and Azure networking security
• Hands-on experience conducting or managing application security assessments, penetration tests, and vulnerability remediation
• Deep understanding of OWASP Top 10 for web applications and OWASP API Security Top 10 — and how to identify these in code review and architecture review
• Familiarity with AI-specific security risks — prompt injection, indirect prompt injection, data extraction via LLM outputs, and model abuse patterns
• Understanding of data residency compliance frameworks, preferably including PDPL (Saudi Arabia's Personal Data Protection Law) or comparable GCC privacy regulations
• Experience preparing for and supporting formal security audits — SOC 2 Type II, ISO 27001, or equivalent
• Ability to translate security requirements into specific technical controls and validate that those controls are correctly implemented
• Clear, direct communicator who can engage both technical teams and non-technical stakeholders on security risk
• Nice to Have
• Relevant certifications: CISSP, CISM, CEH, OSCP, or Azure Security Engineer Associate
• Experience securing SAP integration environments or enterprise ERP API exposure
• Background in telecom sector security requirements or NCA (National Cybersecurity Authority, Saudi Arabia) framework compliance
• Prior experience on projects involving generative AI in regulated or sensitive data environments