Infrastructure Security Engineer

  • Engineering
  • Riyadh, Saudi Arabia

Infrastructure Security Engineer

Job description

Communication is our business!

unifonic provides solutions for better customer engagement through a cloud-based platform. We empower businesses to engage with their people through a variety of channels, making their communication conversational, more personalized, fun, meaningful, and with ease.

Engineering principle: We ship robust, high-quality code, written for humans to read and maintain!

Infrastructure Security Engineer

The Infrastructure Security Engineer is driving the infrastructure security, automation, and risk management strategy. The Infrastructure Security Engineer is technical and highly cross-functional, looking at the big picture, and paying attention to details. Good judgment is required when evaluating risk and when proposing mitigations. It is an opportunity to have an impact on any layer of the stack and expand the knowledge and skillset in any security domain. The Infrastructure Security Engineer is constantly learning and teaching others about a changing threat landscape. The responsibilities of the Infrastructure Security Engineer include but are not limited to:

  • Assess security posture across the entire company while focusing on safety and protecting user data.

  • Increase the security of unifonic's core infrastructure which builds the foundation for the development and operation of the communication platform.

  • Propose fixes for vulnerabilities when you find them, but also work towards systemically eradicating classes of vulnerabilities through better tooling.

  • Design and implement core security infrastructure like authentication and authorization systems, pipelines and automation for security incident detection and response, PKI, and others.

  • Work towards making the secure path the easy path for our engineers.



  • Hands-on 3+ years of experience in one or more core domains: Securely using a public cloud, securing corporate networks and endpoints, application security, security incident detection, and response.

  • Ability to analyze and identify security shortcomings in complex software systems with a hacker mindset and technical skills to propose and implement solutions.

  • Strong software development skills, preferably in Python or Java.

  • Hands-on experience with Kali Linux and Burp Suite.

  • Good knowledge of OWASP Top10 Web Application Security Risks.

  • Start-up DNA: have demonstrated an ability to thrive in the ambiguity of a dynamic, start-up environment or have the DNA to do so.

  • AWS experience or similar.

  • Excellent communication, presentation, interpersonal, and analytical skills; the ability to communicate complex interaction concepts and risks clearly and persuasively in a highly eng-driven environment.

Nice To Have   

  • AWS experience or similar.

  • Experience with Kubernetes and/or Google Cloud security best practices and implementing them at scale.

  • Sufficient experience in managing employee devices and complex corporate networks.

  • Expertise in high-fidelity signal development to find malicious behavior; Ability to hunt for threats in security event data and building supporting tools and infrastructure.

  • Experience with malware analysis and forensics.

  • A history of giving back to the security industry via open source contributions, published papers, or conference presentations.

  • Bachelor's degree in Computer Engineering, Software Engineering, or other IT-related field.

  • Strong sense of ownership, critical thinking, and ability to drive Security mindset initiatives across teams. Analytical thinking, excellent communication skills, and being accountable for the results of your decisions.

  • Ability to spend substantial time interfacing with the remote teams on a daily basis.

  • Fluent in English with excellent writing/editing and verbal communication skills. Efficiency in Arabic is a plus.