Get new tech jobs in GCC region sent to


Staff Security Engineer Ii ~ Careem


Careem is building the Everything App for the greater Middle East, making it easier than ever to move around, order food and groceries, manage payments, and more. Careem is led by a powerful purpose to simplify and improve the lives of people and build an awesome organisation that inspires. Since 2012, Careem has created earnings for over 2.5 million Captains, simplified the lives of over 50 million customers, and built a platform for the region’s best talent to thrive and for entrepreneurs to scale their businesses. Careem operates in over 70 cities across 10 countries, from Morocco to Pakistan.

We are looking for a Staff Security Engineer II to join our Information Security team of talented engineers that share a common interest in securing Careem’s production and enterprise systems and services and ensure trust between Careem's Customers, Captains, Colleagues, merchants and partners. Reporting directly to the CISO, you will work closely with Infrastructure, Product and Platform Engineering, Product Management and IT teams to drive security excellence in Careem products and services as well as the internal enterprise systems being built to service the colleagues.

Key Responsibilities:

Design: You will be responsible for designing an innovative security architecture for the distributed backend system that the engineering organization is building to meet the challenging functional, scalability and reliability requirements for our fast growing business. Your responsibility includes ensuring that the end-to-end architecture design meets the best practices around cyber security, compliance, regulation and privacy.

Engineering: You will be a trusted technical advisor to solve complex information security challenges. Provide guidance to engineers who work on complex technical security matters and designs impacting all the domains under Careem. You will keep raising the technical bar at Careem and ensuring that we build secure, scalable and business enabling solutions.

Team Support & Growth: Facilitate collaboration between InfoSec teams and other architects, engineers, business owners, and technical program managers to solve interesting and challenging infosec problems across our platform and services. You will help lead the security architecture documentation, code review process and continuously strive for higher quality and productivity.

Tech Leadership: You will work with different stakeholders at a senior level and engage proactively with all Careem engineering and product leads in different domains to ensure information security is at the top of mind across the teams.

What you’ll need:

  • Minimum of 5 years of advanced / expert level experience with any combination of the following: threat modeling experience, cloud security, system security, secure coding, identity management and authentication, software development, cryptography, system administration and network security.
  • Excellent knowledge of DevSecOps practices and technologies
  • Deep understanding of AWS security capabilities and features and expert knowledge in securing and operationalizing AWS cloud technologies including but not limited to ECS, S3, ALB, RDS, DMS, KMS, Secrets Manager, Config, CloudWatch, Lambda, SNS, SQS (certification a plus)
  • Hands on experience in SSDLC processes across a fast growth tech organization
  • Experience with multiple programming languages (such as Golang, Java, Scala, Ruby, Python, PHP, Perl, Rust, C++, etc.)
  • Familiarity with SRE, logging and monitoring and system engineering best practices
  • Knowledge of and experience securing container, Microservices and API technologies
  • Strong problem solving, oral and written communication skills including experience with executive presentations
  • Strong understanding of software development methodologies including Agile and Scaled Agile centric execution models
  • Holder of industry professional certifications in AWS cloud architecture and development is strongly preferred
  • Hands-on knowledge of information security technologies such as security design review, threat modeling, secure code review, risk analysis, and penetration testing
  • Ability to make concrete progress in the face of ambiguity and imperfect knowledge
  • A strong bias for action with proven ability to handle high stress, time sensitive security tasks
  • Strong information security risk-based prioritization abilities
  • Excellent written and verbal communication skills, with a focus on translating technically complex issues into simple, easy to understand concepts
  • Ability to effectively articulate technical challenges and solutions; deal with loosely defined problems and fast changing requirements & think abstractly.
  • Proven knowledge of system architecture.
  • Experience in multi-tiered distributed systems, web services, APIs, and relational & NoSQL databases.

Preferred Skills and Qualification:

  • Bachelors or higher  in Computer Science or equivalent discipline.
  • 10+ years of experience in information security engineering. 
  • Cloud security certifications are a plus.
  • Excellent communication skills.
  • Ability to juggle multiple projects at the same time.
  • Able to take individual ownership of a project from start to finish.

What we’ll provide you

We offer colleagues the opportunity to drive impact in the region while they learn and grow. As a full time Careem colleague, you will be able to:

  • Work and learn from great minds by joining a community of inspiring colleagues.
  • Put your passion to work in a purposeful organisation dedicated to creating impact in a region with a lot of untapped potential.
  • Explore new opportunities to learn and grow every day.
  • Work 4 days a week in office & 1 day from home, and remotely from any country in the world for 30 days a year with unlimited vacation days per year. (If you are in an individual contributor role in tech, you will have 2 office days a week and 3 to work from home.)
  • Access to healthcare benefits and fitness reimbursements for health activities including gym, health club, and training classes.