Security Engineer

Location: Remote (EMEA, Pakistan, Indonesia preferred)

Team: Engineering

About the Team

Within our engineering organization, the Security Engineering team is dedicated to protecting the donors, beneficiaries, and partners who trust our crowdfunding platform. This team ensures that every contribution is handled with integrity, confidentiality, and reliability. We partner closely with product, engineering, and compliance teams to safeguard sensitive financial and personal data while building secure systems that support our growth and uphold community trust.

Responsibilities

As a Security Engineer, you’ll play a hands-on role in building and maintaining the security foundations of our platform. You will:

• Implement and improve cloud security controls across IAM, network segmentation, monitoring, and encryption.
• Help design and maintain secure CI/CD pipelines, integrating automated scanning, dependency checks, and policy enforcement.
• Contribute to secure infrastructure development using Infrastructure-as-Code (Terraform, Pulumi, or similar).
• Participate in threat modeling and risk assessments for core crowdfunding workflows (e.g., donor data, payment integrations, anti-fraud systems).
• Support monitoring, alerting, and incident response processes to keep the platform resilient.
• Collaborate with engineering teams to promote secure coding practices and “shift-left” security.
• Document and share best practices, contributing to a growing security knowledge base for the organization.
  

You may be a good fit if you have:

• 3–6 years of experience in security engineering, DevOps, or software engineering with a focus on security.
• Familiarity with at least one major cloud provider (AWS, Azure, or GCP) and its security services.
• Experience with Infrastructure-as-Code (Terraform, CloudFormation, Pulumi, etc.).
• Working knowledge of securing web applications and APIs against common threats (OWASP Top 10).
• Basic familiarity with containerization and Kubernetes security concepts.
• Solid scripting or development skills (Python, TypeScript, Go, or similar).
• Strong problem-solving mindset and willingness to learn in a fast-paced environment.
• Clear communication skills with an ability to explain security concepts to both technical and non-technical teams.
  

Bonus points if you have:

• Experience implementing MFA, RBAC, and access reviews at scale.
• Exposure to compliance frameworks (PCI-DSS, SOC2, GDPR, or AML/KYC requirements).
• Practical experience with vulnerability scanning tools and remediation workflows.
• Familiarity with financial systems, payments security, or fraud detection.
• Interest in building security practices for social good organizations or fintech startups.

Why Join Us

This is a unique opportunity to help shape the security foundation of a growing global crowdfunding platform serving the Muslim community. Your work will directly impact the trust and safety of thousands of donors and beneficiaries worldwide. You’ll get to grow your skills, work across multiple domains of security, and help us scale responsibly while staying true to our mission.