Job Description
Level: Senior | Experience: 6–10 Years | Location: Lahore, Pakistan (On-Site)
About the Project
Cinergie Digital is delivering a flagship enterprise portal and mobile application for one of the largest telecom operators in Saudi Arabia. The system handles sensitive HR and payroll data, integrates with a live SAP ERP, and introduces generative AI capabilities that can take actions on behalf of users — including submitting leave requests, generating official employment documents, and accessing personal employee records. All production data must reside within Saudi Arabia under PDPL compliance. Security is not a checkbox at the end of the project. It is a design constraint from day one.
The Role
We are looking for a Senior Cyber Security Specialist who can be the security conscience of this project throughout its lifecycle — from architecture review in Phase 1 through quarterly penetration testing, audit readiness, and the 12-month post-launch support period. You will assess and harden the security posture of the entire system, with specific focus on the novel risks introduced by AI — prompt injection, data leakage via LLM outputs, and unauthorized action execution through the AI orchestrator.
What You Will Do
- Review the system architecture from a security perspective at the start of Phase 1, identifying risks and recommending mitigations before code is written
- Define and enforce data encryption standards across the platform — AES-256 at rest, TLS 1.3 in transit — and validate implementation compliance
- Design the AI-specific security framework: prompt injection prevention, data leakage controls on LLM outputs, adversarial input handling, and guardrails on the service account that executes user actions
- Conduct and manage quarterly penetration testing, working with internal and external testers, documenting findings, and driving remediation to closure
- Assess and harden the Azure Active Directory (Entra ID) configuration — MFA policy, conditional access, service principal permissions, and RBAC across all resources
- Review the API Gateway and microservices layer for common vulnerabilities — injection attacks, broken access control, insecure direct object references, and API-specific threat vectors
- Evaluate and advise on the hybrid connectivity model between the Azure-hosted portal and the on-premises SAP environment, identifying exposure in the integration layer
- Define data classification and retention policies by category (HR data, AI conversation logs, generated documents) and validate enforcement in the data layer
- Prepare and maintain documentation required for SOC 2 Type II compliance or equivalent, and support the formal audit process
- Monitor for security incidents during the post-launch support period, triage alerts, and coordinate response when required
- 6 to 10 years of cyber security experience, with a meaningful portion spent on cloud-hosted enterprise systems rather than purely on-premises environments
- Strong Azure security expertise — Microsoft Defender for Cloud, Azure Sentinel or equivalent SIEM, Key Vault, Entra ID security configuration, and Azure networking security
- Hands-on experience conducting or managing application security assessments, penetration tests, and vulnerability remediation
- Deep understanding of OWASP Top 10 for web applications and OWASP API Security Top 10 — and how to identify these in code review and architecture review
- Familiarity with AI-specific security risks — prompt injection, indirect prompt injection, data extraction via LLM outputs, and model abuse patterns
- Understanding of data residency compliance frameworks, preferably including PDPL (Saudi Arabia's Personal Data Protection Law) or comparable GCC privacy regulations
- Experience preparing for and supporting formal security audits — SOC 2 Type II, ISO 27001, or equivalent
- Ability to translate security requirements into specific technical controls and validate that those controls are correctly implemented
- Clear, direct communicator who can engage both technical teams and non-technical stakeholders on security risk
- Relevant certifications: CISSP, CISM, CEH, OSCP, or Azure Security Engineer Associate
- Experience securing SAP integration environments or enterprise ERP API exposure
- Background in telecom sector security requirements or NCA (National Cybersecurity Authority, Saudi Arabia) framework compliance
- Prior experience on projects involving generative AI in regulated or sensitive data environments
Skills
Code Review, Cybersecurity, Testing, API, Cloud
Important dates & deadlines?
Application Deadline
07 Jul 26, 01:55 PM IST

