Infrastructure Security Engineer II

We don’t think about job roles in a traditional way. We are anti-silo. Anti-career stagnation. Anti-conventional. 

Beyond ONE is a digital services provider radically reshaping the personalised digital ecosystems of consumers in high growth markets around the world. We’re building a digital services aggregator platform, with a strong telco foundation, and a profitable growth strategy that empowers users to drive their own experience—subscribe once, source from many, and only pay for what you actually use. 

Since being founded in 2021, we’ve acquired Virgin Mobile MEA, Friendi Mobile MEA and Virgin Mobile LATAM (with 6.5 million subscribers) and 1600 dedicated  colleagues across Chile, Colombia, KSA, Kuwait, Mexico, Oman and UAE. 

To disrupt for good takes a rebellious spirit, a questioning mind and a warm heart. We really care about how to get things done and not who manages who. We benefit from our diversity, and together, we disrupt the way we and others thinkin about our lives for good.  

Do you want to exchange ideas, learn from each other and leave your mark on our journey? This is the place for you. 

Role Purpose

Why this role matters:

As Infrastructure Security Engineer II, you will play a critical role in safeguarding the integrity, confidentiality, and availability of our hybrid infrastructure—spanning both on-premise data centers and AWS cloud environments. Your contributions will help shape the Information Security department and ultimately the way we disrupt the market through resilient, secure infrastructure.

What success looks like:

In your first year, you will deploy robust security controls across AWS and on-premise environments, lead proactive threat modeling and risk assessments, and drive successful audit readiness for key compliance standards like ISO 27001 and KSA CRF.

Why this is for you:

If you're keen on solving hybrid infrastructure security problems in a fast-paced, energetic environment, hit us up. We're looking for someone ready to tackle this challenge head-on and make an impact from day one.

Key Responsibilities

In this role, you will:

• Design and implement infrastructure security controls across on-premise and AWS environments, ensuring layered protection for networks, endpoints, and data.

• Collaborate with network engineering, DevOps, and cloud teams to embed security best practices into infrastructure design and CI/CD pipelines.

• Manage incident response activities for infrastructure-related security breaches, conducting root cause analyses to strengthen long-term defenses.

• Conduct regular threat modeling and security assessments to identify vulnerabilities and misconfigurations.

• Monitor and maintain security tools, including SIEM, IDS/IPS, endpoint protection platforms, and AWS-native services (e.g., GuardDuty, Security Hub).

• Support regulatory and compliance initiatives (e.g., ISO 27001, KSA CRF, NIST) through control validation, audit response, and documentation.

• Contribute to the development and refinement of infrastructure security policies, standards, and procedures aligned to business needs.

• Stay current on emerging threats, regulatory changes, and security trends relevant to telecom and MVNO ecosystems.

Qualifications & Attributes

We’re seeking someone who embodies the following:

Education:

• Bachelor’s degree in Computer Science, Information Security, Telecommunications, or a related field.
• Preferred certifications: CISSP, AWS Certified Security – Specialty, CISM, GIAC.

Experience:

• 5+ years of hands-on experience in infrastructure security engineering, especially within hybrid (on-premise + cloud) environments.
• Strong background in telecom or high-availability systems is highly desirable.

Technical Skills:
Must-haves:

• Deep expertise in network security (firewalls, VPNs, IPS/IDS, segmentation).

• Advanced experience with AWS security tools: IAM, KMS, Security Hub, GuardDuty, Inspector, VPC controls.

• Solid grasp of Linux/Windows hardening techniques.

• Familiarity with security automation tools (e.g., Terraform, Ansible).

• Skilled in SIEM tools like Splunk or ELK, and comfortable with incident detection workflows.

• Strong knowledge of PKI, encryption, and secure protocols.

• Hands-on scripting (Python, Bash) for automating security processes.

Nice-to-haves:

• Experience with other cloud platforms (Azure, Google Cloud) and VMWare environments.

• Exposure to container security (e.g., Kubernetes, EKS, Docker).

• Experience with Cloudflare solutions.

Unique Attributes:

• Thrives in high-pressure, fast-moving telecom/MVNO settings.

• Proactive problem-solver with strong analytical capabilities.

• Communicates technical risks in business-relevant terms.

• Influences and collaborates across teams to embed secure practices from day one.

What we offer:

• Rapid learning opportunities - we enable learning through flexible career paths, exposure to challenging & meaningful work that will help build and strengthen your expertise.
• Hybrid work environment - flexibility to work from home 2 days a week.
• Healthcare and other local benefits offered in market.

By submitting your application, you acknowledge and consent to the use of Greenhouse & BrightHire during the recruitment process. This may include the storage and processing of your data on servers located outside your country of residence. For further information, please contact us at dataprivacy@beyond.one.