Security Specialist

Derq is an MIT spinoff building AI-powered traffic safety and smart infrastructure. We’re a team of passionate innovators, leveraging the latest in AI and technology to transform the future of mobility. Our platform enhances road safety and traffic management by turning real-time data into actionable insights for cities and road operators. Our patented technology collects and analyzes data from connected sensors like cameras, radar, and traffic signal controllers to help predict and prevent road incidents. We deploy edge and cloud solutions that make intersections and highways safer and smarter.

Role Overview

We’re looking for a Security Specialist to help strengthen Derq’s security posture as we scale our platform. This role focuses on application, cloud, and data security, working closely with Engineering, Product, and Infrastructure teams to embed security into how we build and operate.

This is a hands-on role with real ownership, not a purely advisory position.

Key Responsibilities

Platform & Application Security

• Identify, assess, and mitigate security risks across Derq’s platform and services.
• Support secure design reviews for new features and architectures.
• Conduct threat modeling and risk assessments.
• Partner with engineering teams on secure coding practices and remediation.

Cloud & Infrastructure Security

• Help secure cloud environments (AWS, GCP, Azure).
• Review IAM, access controls, secrets management, and network security.
• Support vulnerability scanning and remediation efforts.
• Monitor and respond to security incidents.

Security Operations

• Define and improve security policies, standards, and controls.
• Support incident response and post-incident reviews.
• Work with external vendors, auditors, and customers on security-related questions.
• Help prepare for security assessments (SOC 2, ISO 27001, customer security reviews).

Awareness & Enablement

• Partner with Engineering and Product to embed security early in the development lifecycle.
• Raise security awareness across teams without slowing delivery.
• Contribute to internal documentation and security best practices.Requirements

• 6-8+ years of experience in security engineering, application security, or cloud security.
• Strong understanding of web application security (OWASP Top 10).
• Experience securing cloud-based platforms, including IAM, networking, and encryption.
• Familiarity with CI/CD security, vulnerability scanning, and monitoring tools.
• Comfortable working in fast-moving, startup environments.
• Able to clearly explain security risks to non-security stakeholders.
• Experience with SOC 2, ISO 27001, or similar frameworks.
• Experience in IoT, ITS, smart mobility, or data-heavy platforms is a plus.
• Scripting or automation skills (e.g., Python, Bash).
• Background working closely with product and engineering teams.
• If located outside the UAE, we are open to relocation after successful completion of the probation period, subject to UAE immigration approval.