Cloud Security Engineer II

Job Description

At Careem we are led by a powerful purpose to simplify and improve lives in the Middle East, North Africa and Pakistan. Were pioneering the development of innovative services to aid the mobility of people, the mobility of things and the mobility of money.Were in the driving seat as we help to define how technology will shape progress in some of the fastest-growing countries in the world. Our teams are building tech to meet the needs of the future in areas including data and AI, e-commerce, technology-enabled logistics, maps, identity, and fintech.We?re well placed to solve complex and meaningful challenges at scale, with deep tech expertise, strong regulatory relationships, a local presence, and increasingly specialised global teams which are structured to operate as autonomous start-ups. Our team of over 400 engineers and developers are empowered to develop cutting-edge technology every day.Careem was established in July 2012, became a wholly-owned subsidiary of Uber Technologies, Inc. in January 2020, and today operates in over 100 cities across 12 countries.About the roleCareem is looking for a Cloud Security Engineer to provide hands-on technical security engineering at Careem. You will work closely with our Engineering and Product Management groups to help build secure and robust systems responsible for serving our customers and colleagues. You will have the opportunity to learn from, and be mentored by, those who are building and securing our cutting-edge services.What youll do

• Serves as the subject matter expert (SME) on Cloud Security for Careem
• Develops standards, policies and procedures as well as best practices documentation.
• Participate in efforts that tailor the company?s security policies and standards for use in cloud environments
• Translate security and technical requirements into business requirements, and communicate security risks to different audiences ranging from business leaders to engineers.
• Inform and oversee the development and execution of a comprehensive strategy for Cloud Security
• Partner cross-functionally with key business partners to influence and ensure alignment and support for the IT Architecture, IT Engineering and IT operations mandate
• Align and collaborate with fellow leaders of our Engineering, Fusion Center Operations and Risk on a strategy to support their functions with technical solutions and expertise
• Research, evaluate, and recommend security technologies that can be applied to technology solutions being developed or maintained internally or externally
• Establish team for automation
• Some travel required for work with the leadership team, possibly for customer briefings, planning and other activities

What youll need

• BS in Computer Science or related field, or equivalent work experience
• Cloud security certifications are a plus
• Minimum of 5-8 years of experience with cloud and security engineering, system and network security, authentication and security protocols, cryptography, or application security.
• Minimum of 4 years of experience with any combination of the following: cloud security, threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security.
• Good knowledge of DevSecOps practices/tools for the AWS Cloud instances and their integration & implementation.
• Experience in setting up an SSDLC processes across an mid-sized organization
• Experience with multiple programming languages (such as, Java, C++, Ruby, Python, Perl, Rust, etc.)
• Expert knowledge in securing and operationalizing AWS cloud technologies including but not limited to ECS, S3, ALB, RDS, DMS, KMS, Secrets Manager, Config, CloudWatch, Lambda, SNS, SQS
• Familiarity with establishing security in CI/CD pipeline to create and deploy artifacts to the AWS Cloud VPCs.
• Minimum of 3-5 years of experience working in AWS Cloud security implementation, migration and operations.
• Familiarity with SRE and its relevance to securing Cloud instances
• Ability to construct cloud security infrastructure using Infrastructure as Code
• Experience in migration of on-prem enterprise system to AWS cloud
• Knowledge of and experience securing container, Microservices and API technologies
• Strong problem solving, oral and written communication skills including experience with executive presentations
• Strong understanding of software development methodologies including Agile and Scaled Agile centric execution models
• Excellent interpersonal, negotiation, and influencing skills
• Holder of industry professional certifications in AWS cloud architecture and development is strongly preferred
• Hands-on knowledge of information security technologies such as security design review, threat modeling, secure code review, risk analysis, and penetration testing
• Ability to make concrete progress in the face of ambiguity and imperfect knowledge
• A strong bias for action with proven ability to handle high stress, time sensitive security tasks
• Strong information security risk-based prioritization abilities
• Excellent written communication skills, with a focus on translating technically complex issues into simple, easy to understand concepts

Where youll be

• This role is part of a remote distributed team! This means you can be based in any of the countries where we currently have an engineering site. If you would like to join us in Dubai, Berlin, Ukraine, Russia, Poland, Pakistan, Egypt, Lebanon or Jordan, thats fine with us (Visa permitting)!
• Even though we are working remotely, we are strong believers in collaboration and the power of building social connections with our teams. For that reason, our offices are still open and provide plenty of collaboration-friendly spaces at times when teams need it or if you need a quiet space to work outside of home.
• You?ll be working in the location you?re hired from. Due to legal and compensation considerations, you will need to be based out of the country you?re hired from as your primary work location.

What well provide youIn addition to a competitive long-term total compensation with salary and equity, we have a reward philosophy that expands beyond this.As a Careem colleague you will be able to:

• Be part of a Remote-First organisation
• Work from any country in the world for 60 days a year
• Use Unlimited Vacation days throughout the year
• Access fitness reimbursements for health activities including: gym, health club and training classes.
• Work and learn from great minds
• Create impact in a region with untapped potential
• Explore new opportunities to learn and grow every day

Keyskills :