Senior Security Architect II

Work set-up: Full Remote

Careem Large https://www.careem.com/
1001 - 5000 Employees

Job description

Careem is building the Everything App for the greater Middle East, making it easier than ever to move around, order food and groceries, manage payments, and more. Careem is led by a powerful purpose to simplify and improve the lives of people and build an awesome organisation that inspires. Since 2012, Careem has created earnings for over 2.5 million Captains, simplified the lives of over 70 million customers, and built a platform for the region’s best talent to thrive and for entrepreneurs to scale their businesses. Careem operates in over 70 cities across 10 countries, from Morocco to Pakistan.

We are looking for a senior-level security architect who can help modernise our detection-and-response stack by embedding automation, advanced analytics, and Generative AI. You will design end-to-end architecture, spanning data pipelines, correlation engines, SOAR playbooks, LLM-powered assistants, and autonomous agents to cut analyst toil, accelerate mean-time-to-detect (MTTD) and mean-time-to-respond (MTTR), and raise overall cyber-resilience. 

What you'll do

Strategy & Architecture

  • Own the technical roadmap for AI-powered detection & response across SIEM, XDR, etc.
  • Map requirements to frameworks such as MITRE ATT&CK / D3FEND, NIST, CIS Controls and ISO 27001

Detection Engineering

  • Research, prioritise, and prototype new detections that can be automated at scale, turning complex security data into high-fidelity signals.

Automation & Orchestration

  • Design playbooks and agent workflows that auto-triage, contain, and remediate validated threats.

Generative AI & ML

  • Build and tune LLM-based assistants (prompt/chain engineering, RAG, vector search) to summarise alerts, enrich context, and recommend response actions

Data & Telemetry

  • Architect scalable pipelines to ingest, transform, and store multi-petabyte security telemetry for real-time analytics

Threat Hunting & Incident Response

  • Partner with SOC to codify hunts, deploy behaviour analytics, and oversee major incidents, acting as Tier-3 escalation

Governance & Risk

  • Ensure AI/automation solutions meet legal, privacy, and audit requirements; define human-in-the-loop guardrails and policy enforcement

Evangelism & Mentorship

  • Champion a culture of automation; coach engineers and analysts on secure coding, ML safety, and threat-informed defence

What you’ll need 

  • 10+ years in cybersecurity with 5+ years focused on detection engineering, incident response, or SOC automation in large-scale environments.

  • Deep understanding of attacker TTPs, network & endpoint telemetry, and log analytics

  • Proven experience architecting SOAR or XDR solutions and shipping production-grade automations in Python, Go, or similar.

  • Hands-on experience with the security services of cloud platforms (AWS, Azure, or GCP)

  • Strong ML/AI expertise, data science workflow, vector DBs, model fine-tuning; familiarity with GenAI ecosystem (OpenAI, Gemini, Llama, etc.).

  • Ability to translate business risk into technical requirements and influence senior stakeholders.

  • Excellent communication and mentorship skills

Nice-to-Have

  • Experience deploying agent-based GenAI frameworks that autonomously execute detection–investigation–response loops

  • Certifications: CISSP, GIAC (GXPN, GDAT, GCTI), GCPN, or OSCP.

  • Familiarity with Infrastructure-as-Code (Terraform, CDK) and DevSecOps pipelines.

  • Background in regulatory environments (PCI-DSS, GDPR, HIPAA, UAE NESA, etc.).

Required profile

Spoken language(s): English

Other Skills

  • Mentorship
  • Communication
