Company Description

MaxAB is re-engineering Africa's informal retail sector through a B2B e-commerce and fintech super app. Since launching in 2018, we've connected over 150,000 traditional retailers with suppliers, delivering 2.5+ million orders across Egypt and Morocco. Our fintech business now generates more revenue than e-commerce, with over $180 million in sales last year. Following our merger with Wasoko, we're expanding across Sub-Saharan Africa.

Position Overview

We are seeking a skilled Cyber Security Engineer to join our security team and help safeguard our fintech infrastructure, applications, and data. You will play a critical role in identifying vulnerabilities, implementing security controls, and ensuring compliance with financial industry regulations. This position requires both technical expertise and the ability to work cross-functionally with engineering, product, and compliance teams.

Key Responsibilities

Security Architecture & Implementation

• Design, implement, and maintain security controls across cloud infrastructure, applications, and networks
• Develop and enforce security standards, policies, and procedures aligned with fintech industry best practices
• Architect secure solutions for payment processing, API integrations, and data storage systems
• Implement and manage security tools including SIEM, IDS/IPS, WAF, DLP, and endpoint protection

Threat Detection & Response

• Monitor security alerts and respond to security incidents in a timely manner
• Conduct threat hunting activities to proactively identify potential security risks
• Lead incident response efforts, including forensic analysis and root cause investigation
• Develop and maintain incident response playbooks and disaster recovery procedures

Vulnerability Management

• Perform regular security assessments, penetration testing, and vulnerability scans
• Conduct code reviews and security assessments of applications and infrastructure
• Work with development teams to remediate identified vulnerabilities
• Manage bug bounty programs and coordinate with external security researchers

Compliance & Risk Management

• Ensure compliance with relevant regulations (PCI-DSS, GDPR, local data protection laws)
• Support internal and external security audits
• Conduct security risk assessments for new products, features, and third-party integrations
• Maintain security documentation and evidence for compliance requirements

Security Awareness & Collaboration

• Provide security guidance and training to engineering and operations teams
• Participate in design reviews and provide security recommendations
• Build security champions program across engineering teams
• Stay current with emerging threats, vulnerabilities, and security technologies

Required Qualifications

• Bachelor's degree in Computer Science, Information Security, or related field
• 3-5 years of experience in cybersecurity, with preference for fintech or financial services experience
• Strong understanding of security frameworks (OWASP, NIST, ISO 27001)
• Hands-on experience with cloud security (AWS, GCP, or Azure)
• Proficiency in security tools and technologies (SIEM, IDS/IPS, WAF, vulnerability scanners)
• Experience with secure coding practices and application security testing
• Knowledge of network security, cryptography, and authentication mechanisms
• Understanding of PCI-DSS and other financial industry compliance requirements
• Scripting skills in Python, Bash, or similar languages for automation
• Strong analytical and problem-solving abilities

Preferred Qualifications

• Professional security certifications (CISSP, CEH, OSCP, GIAC, or similar)
• Experience with DevSecOps and security automation in CI/CD pipelines
• Knowledge of container security (Docker, Kubernetes)
• Experience with payment systems and financial transaction security
• Familiarity with fraud detection and prevention mechanisms
• Experience with security orchestration and automation (SOAR)
• Prior experience in a fast-paced startup environment
  

• للتقديم الان