Role Overview:
As the Engineering Manager (Security & Compliance), you will play a pivotal role in ensuring the security and compliance of our products and systems. You will collaborate with cross-functional teams, drive best practices, and champion security initiatives.
As an Engineering Manager with your team, you will focus on:
- Developing and Implementing Policies: Creating and enforcing security and compliance policies and procedures to ensure adherence to regulatory requirements and industry best practices.
- Risk Assessment and Management: Identifying, assessing, and mitigating security risks and compliance gaps through regular audits, vulnerability assessments, and risk management strategies.
- Security Architecture and Design: Designing and implementing secure network architectures, systems, and applications to protect against unauthorized access, data breaches, and other security threats.
- Security Monitoring and Incident Response: Monitoring systems and networks for security breaches or incidents, and responding promptly to mitigate the impact, investigate root causes, and implement corrective actions.
- Compliance Audits and Reporting: Conducting internal and external compliance audits to ensure adherence to regulatory standards, industry certifications, and contractual obligations, and preparing reports for stakeholders.
- Security Awareness Training: Providing ongoing security awareness training and education to employees to promote a culture of security and compliance within the organization.
- Vendor and Third-Party Risk Management: Assessing the security posture of vendors and third-party service providers, and implementing risk management strategies to protect against supply chain vulnerabilities.
- Data Protection and Privacy: Implementing measures to protect sensitive data, including encryption, access controls, and data loss prevention, to ensure compliance with data protection regulations and safeguard customer privacy.
- Incident Response Planning: Developing and maintaining incident response plans and procedures to guide the organization's response to security incidents, data breaches, and other emergencies.
- Continuous Improvement: Continuously evaluating and improving security and compliance processes, technologies, and controls to adapt to evolving threats and regulatory requirements.
You may be a fit for this role if you have some of these inclinations:
- Bachelor's or master's degree in a related field such as cybersecurity or information technology. Advanced degrees or relevant certifications are a plus.
- Experience working in a rapidly growing startup.
- Proven experience in emergency management, incident response, or crisis communication, preferably in a security or compliance-focused role.
- Strong understanding of security frameworks, compliance standards (e.g., GDPR, HIPAA, PCI DSS), and regulatory requirements relevant to the organization's industry.
- Excellent leadership and interpersonal skills with the ability to effectively communicate and collaborate with cross-functional teams.
- Crisis management experience, including the ability to remain calm and make sound decisions under pressure.
- Analytical mindset with the ability to assess complex situations, identify root causes, and develop effective solutions.
- Strong project management skills with the ability to prioritize tasks, manage resources, and meet deadlines in a fast-paced environment.
- Commitment to continuous learning and professional development to stay abreast of evolving threats and best practices in emergency management and cybersecurity.
Projects you could work on:
- Establishing and maintaining an information security strategy for a developing company
- Setting up an SSDLC process in a product-focused company
- Setting security operations processes and enabling security monitoring
Don't just apply for a job, come and be a part of our journey. Let's create a better tomorrow together.
We look forward to receiving your application!
Best of luck,
Your Yassir TA Team