Senior Security Engineer & Cloud Security

A little bit about talabat

talabat is the leading online food and groceries ordering platform in MENA, operating in 9 countries across the region. Founded in 2004 by a small group of entrepreneurs in Kuwait, talabat’s success expanded to the rest of the GCC region, Egypt & Jordan, making it the largest and most popular food ordering app. With over 2,000+ employees and millions of users, we deliver hundreds of thousands of orders every day.

We are part of the Delivery Hero network building the next generation of online delivery platforms across the globe. Our network is truly international with engineering teams in 13 countries and operations in 40+ countries.

We are seeking a Senior Security Engineer to operate as a core cloud security practitioner within a large, enterprise‑scale environment. This role focuses on engineering, operating and continuously improving cloud security controls across AWS and GCP, while adhering to corporate security standards, regulatory requirements and risk management processes.

The role is hands‑on and execution‑oriented, with accountability for control effectiveness, operational stability and risk reduction, working in close partnership with Cloud Platform (GDP), SRE, Architecture and GRC teams.

• Implement, operate and continuously improve enterprise‑grade cloud security controls across AWS and GCP organizations.
• Enforce security baselines for accounts/projects, networking, IAM, encryption and logging.
• Maintain alignment with enterprise security architecture, policies and control frameworks.
• Support standardized cloud landing zones and guardrails.

• Design and operate scalable IAM models including role‑based access, service identities and federated access.
• Enforce least privilege through periodic access reviews, CIEM insights and remediation workflows.
• Partner with global IAM and platform teams to ensure consistent access governance across cloud environments.

• Operate and tune cloud security platforms (CSPM, CIEM, CWPP, native AWS/GCP services).
• Drive remediation of findings through automation, pipelines, and infrastructure‑as‑code rather than manual fixes.
• Contribute to global security practices, policies and reusable Terraform components.

• Ensure comprehensive cloud audit logging, telemetry and alerting are enabled and monitored.
• Support investigation and response to cloud‑related security incidents, following enterprise IR processes.
• Perform root cause analysis and contribute to post‑incident improvements and control enhancements.

• Support enterprise compliance programs (e.g., PCI DSS, NIST, SOC‑2) by mapping requirements to cloud controls.
• Participate in threat modeling and risk assessments for cloud services and platforms.
• Provide evidence and technical validation during audits and security assessments.

• Act as a trusted security partner to engineering and platform teams.
• Review cloud architecture designs and major changes for security risk.
• Provide authoritative guidance on secure use of AWS and GCP services at enterprise scale.

• Strong hands‑on experience securing AWS and GCP in large, multi‑account / multi‑project environments.
• Deep knowledge of:
  • Cloud IAM, federation and access governance
  • Network segmentation, private connectivity and perimeter controls
  • Centralized logging, monitoring and audit trails
  • Encryption, key management and data protection
  • Proven experience with Infrastructure as Code
  • Enterprise Security Operations
  • Experience operating security controls under formal policies, standards and risk frameworks.
  • Familiarity with enterprise change management, incident response and audit processes.
  • Ability to translate security requirements into implementable & measurable controls.

• 7+ years of experience in security engineering, with a strong cloud focus.
• Demonstrated ability to operate independently as a senior individual contributor.
• Strong written documentation and verbal communication skills.
• Comfortable working across time zones and with globally distributed teams.