Senior Security Engineer (Edge & Cloud)

Derq is an MIT spinoff building AI-powered traffic safety and smart infrastructure. We’re a team of passionate innovators, leveraging the latest in AI and technology to transform the future of mobility. Our platform enhances road safety and traffic management by turning real-time data into actionable insights for cities and road operators. Our patented technology collects and analyzes data from connected sensors like cameras, radar, and traffic signal controllers to help predict and prevent road incidents. We deploy edge and cloud solutions that make intersections and highways safer and smarter.

Role Overview

We are looking for a hands-on Senior Security Engineer to help secure our end-to-end platform, from Linux-based edge devices deployed in the field to our cloud infrastructure, APIs, and data pipelines.

This is not a pure compliance role. The focus is practical security engineering: identifying risks, fixing vulnerabilities, and working closely with Engineering, Product, and Infrastructure teams to build security into how we design, deploy, and operate.

Our platform includes edge units deployed in roadside cabinets, processing real-time video and sensor data locally, then syncing insights and metadata to the cloud. This means the role requires someone who can think through real-world risks such as physical access, SSH exposure, device hardening, secure data transfer, cloud security, and incident response.

Key Responsibilities

• Secure the end-to-end platform, from Linux-based edge devices to cloud infrastructure, APIs, and data pipelines.
• Identify, assess, and remediate security risks across applications, backend services, and deployed devices.
• Conduct threat modeling across edge-to-cloud data flows, including video, sensor data, and metadata pipelines.
• Harden edge devices, including OS security, SSH access, credential management, and patching practices, especially in physically accessible environments.
• Secure cloud environments (AWS preferred), including IAM, network security, encryption, secrets management, and logging.
• Support secure design and architecture reviews for new features and deployments.
• Implement and improve CI/CD security, vulnerability scanning, and monitoring practices.
• Monitor and respond to security incidents, including compromised devices or unauthorized access, and lead post-incident reviews.
• Define and improve security policies, standards, and controls aligned with practical engineering needs.
• Support compliance efforts such as ISO 27001, SOC 2, and customer security reviews.
• Work closely with Engineering and Product to embed security into development without slowing delivery.
• Contribute to internal security awareness, documentation, and best practices.Requirements

• 6 to 8+ years in security engineering, application security, cloud security, or infrastructure security.
• Hands-on experience securing production systems, not only compliance or audit.
• Strong knowledge of Linux security, hardening, access controls, and patching.
• Strong understanding of web application security, including OWASP Top 10.
• Experience securing cloud platforms, preferably AWS, including IAM, networking, encryption, logging, and secrets management.
• Experience with CI/CD security, vulnerability scanning, monitoring, and incident response.
• Ability to threat model edge-to-cloud systems, APIs, data pipelines, and deployed devices.
• Comfortable working closely with Product and Engineering to explain risks and drive fixes.
• Scripting or automation skills, such as Python or Bash.
• Experience with SOC 2, ISO 27001, or similar frameworks.
• Experience in IoT, ITS, smart mobility, embedded systems, or data-heavy platforms is a strong plus.
• Open to relocation to UAE after probation, subject to UAE immigration approval.