Senior Information Security Engineer
Back to Jobs
PalmPayGet Smart Job AI Coach in the appFree on iOS and Android 






Senior Information Security Engineer
Location
Gulshan, Bangladesh
Experience
Senior
Posted
Jul 7, 2026
Apply by
August 6, 2026
Applicants
0
Early applicantFull-timeWork from Office
Job Description
**About PalmPay**
PalmPay is a leading neobank and fintech platform scaling financial inclusion across emerging markets. With over 40 million users, we are building a digital financial ecosystem that empowers individuals and businesses through accessible, easy-to-use, and rewarding financial services.
Operating in Nigeria, Ghana, Tanzania, Bangladesh, Pakistan, and the Philippines, PalmPay has been recognized by CNBC as one of the Top 300 Global Fintech Companies and ranked #2 overall and #1 in financial services on the Financial Times’ Africa’s Fastest Growing Companies 2025 list.
**Position Overview**
PalmPay is seeking an experienced and proactive Senior Information Security Engineer to strengthen the organization’s cybersecurity posture by implementing enterprise security controls, managing security operations, supporting regulatory compliance, and protecting critical payment infrastructure across cloud and on-premises environments.
The successful candidate will work closely with Engineering, Infrastructure, Compliance, Risk, and Product teams to ensure the confidentiality, integrity, and availability of PalmPay’s digital financial services while maintaining compliance with Bangladesh Bank regulations and international security standards.
**Key Responsibilities:**
**Information Security Operations**
- Design, implement, and continuously improve enterprise information security controls across cloud, infrastructure, applications, databases, endpoints, and network environments.
- Monitor security events using SIEM platforms, perform threat detection, incident response, digital investigations, and root cause analysis.
- Conduct proactive threat hunting and continuously enhance the organization’s security monitoring capabilities.
- Support Security Operations Center (SOC) activities and ensure a timely response to security incidents.
- Cloud & Infrastructure Security
- Secure Cloud and Bangladesh-based private cloud environments in accordance with security best practices and regulatory requirements.
- Implement and manage cloud security services, IAM, MFA, PAM, WAF, IDS/IPS, VPN, encryption, and network segmentation.
- Perform secure configuration, hardening, and security baseline implementation for servers, operating systems, containers, Kubernetes clusters, databases, and virtual infrastructure.
- Participate in secure architecture reviews for new products, services, and technology implementations.
**Vulnerability Management & Security Assessment**
- Conduct vulnerability assessments, coordinate penetration testing, and oversee remediation activities.
- Perform infrastructure, application, and cloud security assessments.
- Ensure timely remediation of identified vulnerabilities through risk-based prioritization.
- Support secure configuration management, patch management, and infrastructure hardening initiatives.
**Governance, Risk & Compliance**
- Ensure compliance with Bangladesh Bank regulations, industry security standards, and internal security policies.
- Support regulatory reporting, compliance documentation, and security governance initiatives.
- Participate in internal audits, regulatory inspections, certification assessments, and security reviews.
- Conduct security risk assessments, vendor security reviews, and technical due diligence for new systems, products, and third-party service providers.
- Develop, review, and maintain information security policies, standards, procedures, and technical baselines.
**DevSecOps & Security Engineering**
- Integrate security controls throughout the Secure Software Development Lifecycle (Secure SDLC) and CI/CD pipelines.
- Implement and maintain security tools for SAST, DAST, SCA, container security, secret scanning, IaC security, and vulnerability management.
- Collaborate with engineering teams to strengthen secure coding practices, cloud security automation, and container security.
- Support security automation initiatives to improve operational efficiency and security visibility.
- Security Awareness & Stakeholder Collaboration
- Conduct information security awareness and technical security training programs across the organization.
- Provide security consultation to Engineering, Infrastructure, Product, Compliance, Risk, and Business teams.
- Support the Head of Information Security on strategic cybersecurity initiatives, regulatory projects, and security improvement programs.
**Required Qualifications & Experience**
**Education & Certification**
- Bachelor’s degree in Computer Science, Information Technology, Information Security, Cyber Security, or a related discipline.
**Preferred Professional Certifications**
- CISA
- AWS Certified Security – Specialty
- ISO/IEC 27001 Lead Implementer/Lead Auditor
- CEH
- CompTIA Security+
**Experience**
- Minimum 3+ years of professional experience in Information Security or Cyber Security.
- Prior experience in Banking, FinTech or other regulated financial institutions will be highly preferred.
- Hands-on experience securing enterprise cloud infrastructure, applications, and production environments.
- Experience supporting regulatory audits, security assessments, and compliance initiatives.
- Practical experience with security monitoring, incident response, vulnerability management, cloud security, and DevSecOps.
**Skills & Competencies**
- Strong knowledge of enterprise information security principles and security architecture.
- Hands-on experience with enterprise security technologies including SIEM, IAM, PAM, WAF, IDS/IPS, Endpoint Protection, Vulnerability Management, Cloud Security, DevSecOps, and Container Security.
- Experience working with Cloud and Bangladesh-based private cloud platforms.
- Good understanding of Bangladesh Bank ICT Security Guidelines, Bangladesh Bank PSP/PSO/BNPL Regulatory Requirements, PCI DSS, ISO/IEC 27001, NIST Cybersecurity Framework, CIS Benchmarks, and OWASP security standards.
- Strong analytical, troubleshooting, incident handling, and problem-solving skills.
- Excellent communication skills in English.
- High attention to detail with strong execution capability.
- Ability to work independently and manage multiple priorities in a fast-paced, highly regulated fintech environment.
**Compensation & Benefits**
- Competitive salary
- Festival bonuses
- Opportunity to work in a fast-growing global fintech environment
- Career development and leadership exposure
Key Responsibilities
- Design and implement enterprise information security controls across cloud, infrastructure, and application environments.
- Monitor security events using SIEM platforms and perform threat detection, incident response, and root cause analysis.
- Secure cloud and private cloud environments, implementing IAM, MFA, PAM, WAF, and network segmentation.
- Conduct vulnerability assessments, coordinate penetration testing, and oversee remediation activities.
- Ensure compliance with Bangladesh Bank regulations, PCI DSS, and ISO/IEC 27001 standards.
- Integrate security controls into the Secure SDLC and CI/CD pipelines.
- Conduct security risk assessments and vendor security reviews.
- Provide security awareness training and consultation to engineering and product teams.
Requirements
- Bachelor’s degree in Computer Science
- Information Technology
- Information Security
- Cyber Security
- or a related discipline
Skills Required
SIEMIAMPAMWAFIDS/IPSEndpoint ProtectionVulnerability ManagementCloud SecurityDevSecOpsContainer SecurityKubernetesCI/CDSASTDASTSCAIaC securityAnalytical skillsTroubleshootingIncident handlingProblem-solvingCommunicationAttention to detailExecution capabilityAbility to work independentlyBankingFinTechRegulated financial institutions
Benefits
- Competitive salary
- Festival bonuses
- Career development
- Leadership exposure
App exclusive · Free
Smart Job AI Coach
Your personal interview coach on every job — readiness tips, profile improvements, and role-specific prep. Available only in the Pulse Job app.
Interview readiness
See how prepared you are and what to improve for each role.
Personalized tips
Actionable suggestions based on your profile and the job.
After you apply
Keep coaching momentum from job detail through application success.
Similar roles for you
Matched using this role's title and skills. Open the job search anytime to see every listing.

Senior Security Engineer
Weekday AI
25,00,000–50,00,000 / Year
Full-timeEasy applyWork from Office
BengaluruSenior

Senior Devops Engineer
Brightvision
100,000–150,000 / Year
Full-timeEasy applyWork from Home
RemoteSenior

Senior Devops Engineer
Brightvision
100,000–150,000 / Year
Full-timeEasy applyWork from Home
RemoteSenior

Senior Security Engineer
Jobgether
Full-timeWork from Home
UKSenior

Senior Security Engineer
Jobgether
Full-timeWork from Home
GermanySenior

Senior Security Engineer
Jobgether
Full-timeWork from Home
SwitzerlandSenior