Listing Description

Careem is looking for a  Cloud Security Engineer to provide hands-on technical security engineering at Careem.

Job Purpose 

You will work closely with our Engineering and Product Management groups to help build secure and robust systems responsible for serving our customers and colleagues. 

You will have the opportunity to learn from, and be mentored by, those who are building and securing our cutting-edge services.

Key Accountabilities 

• Serves as the subject matter expert (SME) on Cloud Security for Careem


• Develops standards, policies and procedures as well as best practices documentation.


• Participate in efforts that tailor the company’s security policies and standards for use in cloud environments


• Translate security and technical requirements into business requirements, and communicate security risks to different audiences ranging from business leaders to engineers.


• Inform and oversee the development and execution of a comprehensive strategy for Cloud Security

Qualifications & Experience 

• BSc in Computer Science or related STEM discipline 
  
  


• Minimum of 3-5 years of experience with cloud and security engineering, system and network security, authentication and security protocols, cryptography, or application security.


• Minimum of 3 years of experience with any combination of the following: cloud security, threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security.


• Good knowledge of DevSecOps practices/tools for the AWS Cloud instances and their integration & implementation.


• Experience in setting up an SSDLC processes across an mid-sized organization


• Experience with multiple programming languages (such as, Java, C++, Ruby, Python, Perl, Rust, etc.)


• Expert knowledge in securing and operationalizing AWS cloud technologies including but not limited to ECS, S3, ALB, RDS, DMS, KMS, Secrets Manager, Config, CloudWatch, Lambda, SNS, SQS


• Familiarity with establishing security in CI/CD pipeline to create and deploy artifacts to the AWS Cloud VPCs.


• Minimum of 3-5 years of experience working in AWS Cloud security implementation, migration and operations.


• Familiarity with SRE and it's relevance to securing Cloud instances


• Ability to construct cloud security infrastructure using Infrastructure as Code


• Experience in migration of on-prem enterprise system to AWS cloud


• Knowledge of and experience securing container, Microservices and API technologies


• Strong problem solving, oral and written communication skills including experience with executive presentations


• Strong understanding of software development methodologies including Agile and Scaled Agile centric execution models


• Excellent interpersonal, negotiation, and influencing skills


• Holder of industry professional certifications in AWS cloud architecture and development is strongly preferred


• Hands-on knowledge of information security technologies such as security design review, threat modeling, secure code review, risk analysis, and penetration testing


• Ability to make concrete progress in the face of ambiguity and imperfect knowledge


• A strong bias for action with proven ability to handle high stress, time sensitive security tasks


• Strong information security risk-based prioritization abilities


• Excellent written communication skills, with a focus on translating technically complex issues into simple, easy to understand concepts