Security Engineer – Cloud & DevSecOps
Charterhouse Middle East
About the role
Charterhouse is working with a Family Office based in Abu Dhabi that is seeking to hire a Security Engineer to join their Product Support & Design Division. This is a unique opportunity to work in a forward-thinking, innovation-led environment and play a critical role in securing cutting-edge digital platforms.
The Security Engineer will own the security posture of cloud-native and containerised environments end-to-end, including designing and operating layered security architectures primarily on AWS, hardening Linux systems, and embedding security controls natively into Git-based CI/CD pipelines. The role includes governing software supply chain integrity through artifact controls and SBOMs, integrating automated vulnerability checks across the SDLC, and building telemetry pipelines feeding into SIEM for real-time detection and alerting.
When incidents arise, the Security Engineer will lead the response from triage through to root-cause analysis and forensics. Beyond the technical, this role will work directly with engineering teams to define secure-by-default architectures, enforce policy guardrails, configure WAF/CDN protections, and embed practical secure coding guidance into day-to-day development. The Security Engineer will also drive application security practices including threat modelling, secure code review, and the integration of SAST, DAST, and SCA tooling into development workflows.
About You
The ideal candidate will hold a Bachelor's degree in Computer Science, Information Security, or equivalent experience, with at least three years in security engineering, application security, or DevSecOps delivering engineered controls at scale. The successful candidate will demonstrate proficiency in Python, Golang, or JavaScript for automation, hands-on experience with CI/CD and Infrastructure as Code, and practical knowledge of SIEM, vulnerability assessment, and incident response. Familiarity with industry security frameworks and benchmarks such as OWASP, NIST, and CIS is expected.
A working understanding of LLM security principles is essential, including awareness of the OWASP Top 10 for LLMs and the ability to evaluate risk in agentic or LLM-integrated systems. Certifications such as AWS Certified Security Specialty, OSCP, OSWE, CKS, or GIAC certifications including GCSA, GCIA, or GCIH are strongly preferred.
Requirements
- Bachelor's degree in Computer Science, Information Security, or equivalent experience
- At least three years of experience in security engineering, application security, or DevSecOps
- Proficiency in Python, Golang, or JavaScript
- Hands-on experience with CI/CD and Infrastructure as Code
- Practical knowledge of SIEM, vulnerability assessment, and incident response
- Familiarity with industry security frameworks and benchmarks (OWASP, NIST, CIS)
- Working understanding of LLM security principles
- Certifications (AWS Certified Security Specialty, OSCP, OSWE, CKS, GIAC certifications) strongly preferred
Responsibilities
- Designing and operating layered security architectures
- Hardening Linux systems
- Embedding security controls into Git-based CI/CD pipelines
- Governing software supply chain integrity
- Integrating automated vulnerability checks
- Building telemetry pipelines
- Leading incident response
- Defining secure-by-default architectures
- Enforcing policy guardrails
- Configuring WAF/CDN protections
- Embedding secure coding guidance
- Driving application security practices