Cybersecurity Defense Senior Specialist

Who Are We

HALA is a leading fintech player in the MENAP region that aims to redefine financial services and build the future bank of SMEs. HALA aims at empowering SMEs to start, run, and grow their businesses by providing them with cutting-edge financial and technological tools.

HALA currently holds multiple entities in UAE, Saudi Arabia and Egypt (including HALA Payments, HALA Cashier and HALA Logistics) and offers solutions that enable merchants to digitize their payments as well as manage their sales and operations.

Founded in 2017, HALA is currently duly licensed by the Saudi Arabian Central Bank as well as the Financials Services Regulatory Authority (FSRA) in Abu Dhabi Global Market.

Role Summary: 

The Cybersecurity Defense Senior Specialist is responsible for advanced, hands-on security operations, including monitoring, analyzing, and responding to complex security alerts using tools like SIEM, EDR, and intrusion detection systems; they design, implement, and maintain critical defensive infrastructure such as firewalls, security controls, and encryption solutions to reduce the attack surface; furthermore, they conduct threat hunting, perform in-depth security assessments, and manage vulnerability remediation efforts, serving as a subject matter expert to mentor junior staff and continuously refine security policies and incident response playbooks to enhance the organization's defensive posture.

Tasks & Responsibilities: 

• Operate and enhance HALA’s defensive monitoring and detection capabilities across endpoints, cloud, IAM, network, and fintech apps.

• Perform advanced threat hunting and investigation; tune SIEM/SOAR rules and use cases mapped to MITRE ATT&CK.

• Improve alert fidelity, reduce false positives, and support 24/7 SOC operations and incident handling.

• Work with Offense/IR teams to convert red-team lessons into detections and preventative controls.

• Maintain security tooling health (EDR, NDR, DLP, WAF, CSPM) and report on coverage/maturity.

Qualifications:

• Bachelor’s in Cybersecurity/CS or related field.

• 5–8+ years in SOC / blue team / detection engineering, fintech or high-scale digital products preferred.

• Hands-on with SIEM/SOAR, EDR, cloud security monitoring, and log analytics.

• Familiarity with SAMA CSF / NCA ECC-2 defensive control expectations. 

• Certs preferred: GCIA, GSEC, SC-200, Splunk/QRadar/Elastic certs, or equivalent.

• We have an inclusive and diverse culture that encourages innovation and flexibility in remote, in-office, and hybrid work setups.
• We offer highly competitive compensation packages, including the potential for shares.
• We prioritize personal development and offer regular training and an annual learning stipend to tackle new challenges and grow your career in a hyper-growth environment.
• Join a talented team of over 30 nationalities working in 7 countries and gain valuable experience in an exciting industry.
• We offer autonomy, mentoring, and challenging goals that create incredible opportunities for both you and the company.
• You will be given a lot of responsibility and trust. We believe that the best results come when the people responsible for a function are given the freedom to do what they think is best.