Security Engineer (remote)

At Masabi, we’re driving the fare payment revolution, powering the journeys of millions all over the world. We build fare collection platforms that allow riders to seamlessly buy and present tickets for public transport either on their mobile phones, from a ticket machine, or even by tapping their bank card to travel.

Our Justride platform is used in over 250 locations globally, including some of the largest cities in the world. With our industry-first mobile ticketing SDK, we’ve partnered with large players in the transport space, including Uber, Moovit and Transit.

Your own journey is important to us too. Choosing a role here means joining a network of innovators from all walks of life; a group of passionate individuals who consistently deliver. Here, you’ll find the tools you need to build the career you want. Whether you’re taking the direct route or trying a new path, we’ll support you no matter what.

The Role

As we continue to grow, ensuring the security and integrity of our platform is more important than ever. We’re looking for a Security Engineer to help shape the future of security at Masabi, someone who’s excited to build robust controls, reduce risk, and support our global compliance journey.

You’ll work closely with teams across the business to maintain and improve our compliance posture (PCI DSS, ISO27001, SOC2), drive vulnerability management and security tooling, and support audits and client commitments. This is a highly collaborative role that blends technical insight with process improvement, ideal for someone who’s curious, empathetic, detail-oriented, and ready to make a positive impact.

You’ll report directly to the Senior Director of Corporate IT, Compliance, and Customer Success.

Responsibilities Compliance & Security Controls

• Own and improve security controls aligned with PCI DSS, SOC 2, and ISO 27001, supporting audits and recertifications.
• Ensure we stay audit-ready with control testing, documentation, and remediation.
• Partner with internal teams and auditors to manage evidence collection and compliance outcomes.
• Manage and track contractual security obligations, flagging any billable work.
• Lead risk assessments, identify control gaps, and recommend mitigation strategies.
• Manage the lifecycle of security policies and standards, making sure they’re practical, up-to-date, and embedded across teams.
• Stay ahead of regulatory changes and industry trends to proactively adjust our security approach.

Vulnerability Management

• Own our vulnerability scanning and triage process, prioritising risks and working with teams to close gaps within SLAs.
• Coordinate and follow up on bi-annual penetration tests.
• Monitor CVEs and evaluate impact across cloud infrastructure and code dependencies.
• Oversee patching compliance and ensure SSL certificates are up-to-date.
• Automate scanning, reporting, and risk scoring wherever possible.
• Own the lifecycle of security incidents, from detection and response to lessons learned.
• Maintain up-to-date incident response plans aligned with compliance standards.
• Implement and optimise tools to detect, prevent, and mitigate potential threats.
• Lead regular security reviews across cloud environments and code repositories.
• Track key risk indicators (KRIs) and report on security metrics to leadership.
• Support the completion of RFPs and customer security questionnaires.

About You

• Hands-on experience in security engineering, compliance, or risk management.
• Comfortable working with PCI DSS, ISO 27001, SOC 2 and security audits.
• Solid understanding of vulnerability scanning, pen testing, and cloud environments.
• Familiar with risk assessments, mitigation strategies, and patching workflows.
• Able to write clear documentation, reports, and policies.
• Collaborate, curious, proactive, and always looking for ways to improve.
• Comfortable working independently in a remote-first environment.

Some of our benefits

• 23 days holiday per year plus the Christmas Shutdown (another 3-4 days).
• Up to €1000 training budget per year.
• 200 to spend on your home office.
• Choice of workstation.
• Ability to work for up to 3 months per year from any country in the world. Certain limitations may apply.

Careers at Masabi are for people going places - driven by a mission to make transit fair and accessible for all.

We are a network of innovators from all walks of life, passionate about making a difference. At Masabi, we operate with openness and trust, creating an environment where everyone feels empowered to bring their whole, authentic selves to work.

Whoever you are, just be yourself.

We welcome applications from underrepresented backgrounds and encourage you to share your pronouns at any stage. Together, we simplify journeys, remove barriers, and improve daily life for millions.

Why Join Masabi?

• Driven by Purpose – We believe in journeys made simple. The work isn’t always easy, but the best things never are.
• Encouraged to Accelerate – Masabi is going places and our people are in the driving seat. Whether you’re taking the direct route or exploring new paths, we support your journey.
• Advancing with Empathy – We put people first and foster a culture of learning, not blame. No matter your cargo, we share the load.

We’re already powering journeys - are you ready to join us?