{{ flashMessage.message }} {{ flashMessage.linkText }} {{ flashMessage.linkText }} {{ flashMessage.linkText }}

IT Security Engineer

CXG

Dubai, UAE

Posted
Ref: PP000-58597

Apply Now

Job description / Role

Job Type
Full Time
Job Location
Dubai, UAE
Nationality
Any Nationality
Salary
Not Specified
Gender
Not Specified
Arabic Fluency
Not Specified
Job Function
IT - Software & Web Development
Company Industry
IT, Software & Internet Services

Description

We are growing! We are looking for an IT Security Engineer who can work within a hybrid or a remote set-up.

Who we are:
Founded in 2006, we’re proud to be a global business. From Shanghai to Paris, we have 12 offices and operate across four continents in 70 countries. We are home to over 250 professionals from around the world, working together to serve more than 230 luxury clients.

At CXG, we love to evolve, elevate, and transform experiences while bringing brand promises to life. We offer strategic solutions that impact performance and elevate the customer experience of some of the world’s most iconic premium and luxury brands.

What you will be doing:

The IT Security Engineer owns and continuously improves the organization’s security posture across cloud platforms, enterprise systems, applications, AI solutions, and third-party services.

This is a hands-on leadership role combining governance, engineering validation, automation, and client-facing security representation. Security must be embedded into architecture, development workflows, AI adoption, and operational practices in a scalable and structured way.

Your duties will also involve:

Key Responsibilities
  1. Security Governance & Risk
    Own and maintain the ISMS aligned with ISO 27001.
    Manage risk assessment frameworks, policies, and security KPIs.
    Ensure alignment with client security requirements.
    Drive continuous maturity improvement.
  2. Vulnerability Management & Testing
    Operate a structured vulnerability management program.
    Conduct internal scans and coordinate external penetration testing.
    Validate remediation and track resolution progress.
    Provide structured reporting on risk posture.
  3. Application & DevSecOps Security
    Define secure coding standards and security gates.
    Implement SAST, DAST, and dependency scanning.
    Integrate security into CI/CD pipelines.
    Review high-risk features and validate remediation.
    Automation-first approach, with targeted manual validation when required.
  4. Cloud, Infrastructure & Enterprise Security
    Define and validate cloud security baselines.
    Review IAM models, network segmentation, firewall and WAF controls.
    Ensure encryption, logging, monitoring, and least-privilege principles.
    Lead Microsoft 365, Defender, endpoint, and identity security governance.
    Hands-on ownership of enterprise security controls.
  5. Third-Party & Vendor Security
    Assess vendor security posture prior to adoption.
    Maintain vendor risk framework.
    Respond to client security questionnaires and due diligence.
    Support contract-level security discussions.
  6. AI & Tool Security Governance
    Assess security implications of new tools and AI platforms.
    Define guardrails for responsible AI and data usage.
    Ensure secure-by-design technology adoption.
  7. Incident Response & Preparedness
    Maintain incident response plans and escalation procedures.
    Coordinate security incidents across environments.
    Lead post-incident reviews and corrective actions.
  8. Security Culture & Enablement
    Promote security awareness and best practices.
    Train teams on secure development and operations.
    Continuously improve automation and controls.
    Security is a business enabler, not a blocker.

Requirements

What you will bring along:

  • 5+ years in cybersecurity, cloud security, or security engineering.
  • Proven experience securing cloud and SaaS environments.
  • Hands-on vulnerability management and penetration testing coordination.
  • Experience implementing automated security controls.
  • Experience with enterprise identity and endpoint security platforms.
  • Vendor security assessment experience.
  • ISO 27001 or similar governance exposure.
  • Experience interacting with clients on security matters.

Technical Skills

  • Strong cloud security and architecture validation expertise.
  • Network security, firewall, and web application protection knowledge.
  • DevSecOps and CI/CD security integration.
  • Application vulnerability assessment capability.
  • AI and third-party tool risk evaluation.

Soft Skills

  • Strong ownership mindset.
  • Risk-based decision making.
  • Clear communicator with technical and non-technical stakeholders.
  • Comfortable in client-facing discussions.
  • Structured and composed during incidents.
  • Automation and continuous improvement oriented.
Apply Now
Similar jobs you may be interested in
Application Security Engineer - Emiratisation Easy Apply
TGC Middle East 		Dubai 7 May
Microsoft 365 Security Engineer Easy Apply
Saudi Networkers Services 		Riyadh 15 Apr
Application Security Engineer - Emiratisation Easy Apply
TGC Middle East 		Dubai 7 Apr
ArcSight SIEM Engineer Easy Apply
Saudi Networkers Services 		Riyadh 26 Feb
Senior Network Engineer (Telecom) Easy Apply
eMagine Solutions 		Dubai 27 Mar

Other jobs you might be interested in

Service Engineer Jobs in Dubai Field Engineer Jobs in Dubai Senior Civil Engineer Jobs in Dubai
Engineer Jobs in Abu Dhabi Engineer Jobs in Sharjah Engineer Jobs in Ajman
Job Search Support
Get a Free CV Review
Get a professional CV
Find Top Talent
Explore Our CV Database Post a Job Now
Job Alerts by Email
  • Personalised updates on latest career opportunities
  • Insights on hiring and employment activity in your industry
  • Typically sent twice a month
Sign up for job alerts

Other Services

UAE Labour Law
UAE Public Holidays
Courses
Employment News
  • © GulfTalent 2026. All Rights Reserved.