Security & Compliance Specialist

Company Overview:

arabot is MENA’s #1 semantic automation platform that brings conversational AI and service fulfillment together to get the job done. We are a fast-growing startup with lots of exciting business and technical challenges coming everyday solved by motivated and bright minds. On joining our team, you will enjoy competitive salary and benefits, flexible working hours, remote work policy, the opportunity to become a part-owner of the company through our ESOP program, great environment and culture!

Job Summary:

As the Security & Compliance Specialist, you will play a key role in ensuring that our company meets SOC 2, ISO 27001, and NCA (KSA) standards, securing our cloud and on-prem environments, and proactively identifying and mitigating security risks. You will work closely with DevOps, engineering, and leadership teams to ensure our security policies and compliance measures align with best practices.

Job Description:

Security & Compliance:

• Assist in SOC 2, ISO 27001, and NCA (KSA) certification efforts by implementing security controls and best practices.

• Ensure compliance with cybersecurity frameworks such as NIST, CIS, and KSA’s NCA regulations.

• Support risk assessments and security audits, identifying gaps and implementing security improvements.

• Maintain and update security documentation, policies, and procedures.

Cloud & On-Prem Security:

• Monitor and improve cloud security configurations (AWS, GCP) and IAM policies.

• Assist in implementing encryption, firewalls, access controls, and data protection measures.

• Collaborate with DevOps to integrate security into CI/CD pipelines and infrastructure.

Threat Management & Incident Response:

• Support incident response processes, including detection, investigation, and mitigation.

• Conduct vulnerability assessments, security monitoring, and log analysis.

• Assist in penetration testing and security risk evaluations.

Training & Governance:

• Conduct security awareness training for employees.

• Work with third-party vendors and partners to ensure security compliance.

• Stay up to date with emerging cybersecurity threats, trends, and best practices.

Job Specifications:

• 3+ years of experience in cybersecurity, compliance, or cloud security.

• Knowledge of SOC 2, ISO 27001, and NCA (KSA) cybersecurity frameworks.

• Familiarity with AWS/GCP security best practices, IAM, and access control.

• Experience with vulnerability assessments, security monitoring, and log analysis.

• Understanding of network security, endpoint security, and cloud security tools.

• Strong problem-solving skills and eagerness to learn and grow.

• Preferred Certifications: Security+, CCSP, ISO 27001 Lead Implementer, NCA Cybersecurity Compliance