Staff Security Architect II

Careem is building the Everything App for the greater Middle East, making it easier than ever to move around, order food and groceries, manage payments, and more. Careem is led by a powerful purpose to simplify and improve the lives of people and build an awesome organisation that inspires. Since 2012, Careem has created earnings for over 2.5 million Captains, simplified the lives of over 50 million customers, and built a platform for the region’s best talent to thrive and for entrepreneurs to scale their businesses. Careem operates in over 70 cities across 10 countries, from Morocco to Pakistan.

We are looking for a Staff Security Architect II to join our Information security team of talented engineers that share a common interest in securing Careem’s production and enterprise systems and services and ensure trust between Careem's Customers, Captains, Colleagues, merchants and partners. Handle everything from user requests to payment processing reporting directly to the CISO you will work closely with Infrastructure, Product Engineering, Product Management and IT teams to drive security excellence in Careem products / features as well as the internal enterprise systems being built to service the colleagues.

Key Responsibilities:

Architecture: You will be responsible for building an innovative security architecture for the distributed backend system that the engineering organization is building to meet the challenging functional, scalability and reliability requirements for our fast growing business.
Design: Ensure end-to-end architecture design according to best practices, compliance, regulation and privacy.
Team Support & Growth: Facilitate collaboration between InfoSec teams and other architects, engineers, business owners, and technical program managers to solve interesting and challenging infosec problems across our platform and services.
Careem-wide Tech Leadership: You will work with different stakeholders at a senior level and engage proactively with all Careem engineering and product leads in different domains to ensure information security is at the top of mind across the teams.

What you’ll need:

• Minimum of 5 years of advanced / expert level experience with any combination of the following: threat modeling experience, cloud security, system security, secure coding, identity management and authentication, software development, cryptography, system administration and network security.
• Excellent knowledge of DevSecOps practices and technologies
• Deep understanding of AWS security capabilities and features and expert knowledge in securing and operationalizing AWS cloud technologies including but not limited to ECS, S3, ALB, RDS, DMS, KMS, Secrets Manager, Config, CloudWatch, Lambda, SNS, SQS (certification a plus)
• Hands on experience in SSDLC processes across a fast growth tech organization
• Experience with multiple programming languages (such as Golang, Java, Scala, Ruby, Python, PHP, Perl, Rust, C++, etc.)
• Familiarity with SRE, logging and monitoring and system engineering best practices
• Knowledge of and experience securing container, Microservices and API technologies
• Strong problem solving, oral and written communication skills including experience with executive presentations
• Strong understanding of software development methodologies including Agile and Scaled Agile centric execution models
• Holder of industry professional certifications in AWS cloud architecture and development is strongly preferred
• Hands-on knowledge of information security technologies such as security design review, threat modeling, secure code review, risk analysis, and penetration testing
• Ability to make concrete progress in the face of ambiguity and imperfect knowledge
• A strong bias for action with proven ability to handle high stress, time sensitive security tasks
• Strong information security risk-based prioritization abilities
• Excellent written and verbal communication skills, with a focus on translating technically complex issues into simple, easy to understand concepts
• Ability to effectively articulate technical challenges and solutions; deal with loosely defined problems and fast changing requirements & think abstractly.
• Proven knowledge of system architecture.
• Experience in multi-tiered distributed systems, web services, APIs, and relational & NoSQL databases.

Preferred Skills and Qualification:

• Bachelors or higher  in Computer Science or equivalent discipline.
• 10+ years of experience in information security engineering. 
• Cloud security certifications are a plus.
• Excellent communication skills.
• Ability to juggle multiple projects at the same time.
• Able to take individual ownership of a project from start to finish.

What we’ll provide you

We offer colleagues the opportunity to drive impact in the region while they learn and grow. As a Careem colleague you will be able to:

• Work and learn from great minds by joining a community of inspiring colleagues.
• Put your passion to work in a purposeful organisation dedicated to creating impact in a region with a lot of untapped potential.
• Explore new opportunities to learn and grow every day.
• Enjoy the flexibility that comes with the trust of being an owner; work in a hybrid style with a mix of days at the office and at home, and remotely from any country in the world for 30 days a year with unlimited vacation days per year.
• Access to healthcare benefits and fitness reimbursements for health activities including: gym, health club and training classes.