Security Engineer

AED 35,000 - 45,000 Per Month, Plus Family Benefits

Charterhouse is working with a Family Office based in Abu Dhabi that is seeking to hire a senior-level Security Engineer to join their Product Support & Design Division. This is a unique opportunity to work in a forward-thinking, innovation-led environment, taking full ownership of application, cloud, and DevSecOps security across a suite of cutting-edge digital platforms.

The Security Engineer will own the security posture of cloud-native and containerised environments end-to-end, including designing and operating layered security architectures primarily on AWS, hardening Linux systems, and embedding security controls natively into Git-based CI/CD pipelines. The role includes governing software supply chain integrity through artifact controls and SBOMs, integrating automated vulnerability checks across the SDLC, and building telemetry pipelines feeding into SIEM for real-time detection and alerting.

When incidents arise, the Security Engineer will lead the response from triage through to root-cause analysis and forensics. Beyond the technical, this role will work directly with engineering teams to define secure-by-default architectures, enforce policy guardrails, configure WAF/CDN protections, and embed practical secure coding guidance into day-to-day development. The Security Engineer will also drive application security practices including threat modelling, secure code review, and the integration of SAST, DAST, and SCA tooling into development workflows.

The ideal candidate will hold a Bachelor's degree in Computer Science, Information Security, or equivalent experience, with at least three years in security engineering, application security, or DevSecOps delivering engineered controls at scale. The successful candidate will demonstrate proficiency in Python, Golang, or JavaScript for automation, hands-on experience with CI/CD and Infrastructure as Code, and practical knowledge of SIEM, vulnerability assessment, and incident response. Familiarity with industry security frameworks and benchmarks such as OWASP, NIST, and CIS is expected.

A working understanding of LLM security principles is essential, including awareness of the OWASP Top 10 for LLMs and the ability to evaluate risk in agentic or LLM-integrated systems. Certifications such as AWS Certified Security Specialty, OSCP, OSWE, CKS, or GIAC certifications including GCSA, GCIA, or GCIH are strongly preferred.