Calo Inc.

Senior Security Engineer

Calo Inc.

full-time

Posted on:

Location Type: Remote

Location: Bahrain

Visit company website

Explore more

AI Apply
Apply

Job Level

Senior

Tech Stack

AWSCloud

About the role

  • Own and drive the security roadmap by identifying high-risk areas, prioritizing work, and delivering measurable improvements
  • Work closely with Platform, Product Engineering, Data, and Leadership to embed security into everyday delivery
  • Benchmark systems against relevant standards (e.g., OWASP Top 10 / ASVS, CIS where applicable) and translate findings into clear, actionable remediation plans
  • Run threat modeling and security reviews for major architectural or product changes
  • Proactively identify and remediate security issues across: Application code and APIs, Cloud infrastructure and configurations, Authentication, authorization, secrets, and data access
  • Personally triage findings, write fixes, and work with teams to get changes merged and deployed safely to production
  • Strengthen IAM least privilege, secrets management, encryption, logging/monitoring, and secure networking practices
  • Ensure production environments follow secure baseline practices (hardening, patching, access control, auditing)
  • Review and improve WAF rules, rate limiting, and abuse prevention in a practical, measurable way
  • Build and maintain incident response playbooks, support investigations, and drive post-incident improvements
  • Support security and privacy requirements relevant to the business (e.g., GDPR, PDPL)
  • Maintain control mapping and evidence in Drata (or similar tools), with a strong focus on automation.

Requirements

  • 6+ years of experience in security engineering or a closely related role
  • Proven experience leading security efforts in startups or high-growth environments
  • Strong hands-on background, you can identify an issue, fix it, and ship it to production yourself
  • Solid understanding of secure system design and common vulnerability classes (OWASP Top 10, auth/session security, API security, data protection)
  • Solid experience securing AWS environments: IAM, KMS/encryption, secrets management, logging/auditing, network controls
  • Experience securing CI/CD pipelines, build systems, and runtime environments
  • Experience with incident response, vulnerability management, and security monitoring
  • Clear communicator who can explain risk, trade-offs, and recommendations in a way teams actually adopt.
Benefits
  • Flexible work arrangements

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
security engineeringthreat modelingvulnerability managementsecure system designAPI securityAWSCI/CD pipelinesincident responseencryptionlogging/auditing
Soft skills
clear communicationleadershipproblem-solvingcollaborationrisk assessment