Senior Cyber GRC Manager
Hybrid
Full Time
#Information Security
#GRC
#Cloud Security
#Risk Management
#SDLC
#DevSecOps
#AWS
#PCI DSS
#ISO27001
#NIST CSF
Careem is on a mission to build the Everything App for the greater Middle East, simplifying how people move, eat, and manage their finances. Since 2012, we have empowered over 2.5 million Captains and improved the daily lives of 50 million customers across 10 countries. We are a purpose-driven organization that thrives on innovation, and we are looking for someone who shares our passion for building a platform that scales and inspires.
Role at a glance
We are searching for a Senior Cyber GRC Manager to join our team in a full-time capacity. This is a senior-level position that offers a hybrid work environment, allowing you to contribute from anywhere. You will play a pivotal role in shaping our security posture while working alongside our engineering and business units across the globe.
Your impact
- Lead and mentor a team of GRC analysts while overseeing the development and execution of our global Information Security, Governance, Risk, and Compliance strategy.
- Partner with our DevOps and DevSecOps teams to embed security controls directly into the software development lifecycle, promoting a security-as-code culture.
- Serve as a cloud security champion by ensuring our AWS infrastructure adheres to rigorous compliance standards, including PCI DSS, ISO27001, and the NIST CSF.
What you'll need
To be successful in this role, you should be a seasoned professional with a deep technical background and strong leadership capabilities. We are looking for the following qualifications:
- Over 10 years of experience in Information Security GRC, including at least 5 years managing complex, multi-faceted security projects.
- A degree in Computer Science, Engineering, or a related field, or equivalent professional certifications such as CISSP, CISM, CISA, CCSP, or AWS Security Specialty.
- Expertise in cloud security principles on AWS, along with a solid grasp of containerization, virtualization, and SDN.
- Proven ability to manage stakeholders at the executive level and communicate security risks effectively through clear reporting.
- Fluency in English, with the ability to translate technical security requirements into actionable business strategies.
Perks and compensation
We believe in empowering our people to do their best work while maintaining a healthy balance. As a member of our team, you will enjoy:
- A flexible 4-day workweek in the office with one day of remote work.
- The freedom to work remotely from anywhere in the world for up to 30 days per year.
- Unlimited vacation days to ensure you stay refreshed and inspired.
- Comprehensive healthcare benefits and reimbursements for fitness activities, including gym memberships and training classes.




