Himalayas logo
CXGCX

Security Engineering Lead

A global customer experience agency specializing in the luxury sector, offering services like research, consulting, and training to help brands improve their customer interactions.

CXG

Employee count: 201-500

Morocco only

Stay safe on Himalayas

Never send money to companies. Jobs on Himalayas will never require payment from applicants.

We are growing! We are looking for a Security Engineering Lead who can work with in a hybrid or a remote set-up.

Who we are:

Founded in 2006, we’re proud to be a global business. From Shanghai to Paris, we have 12 offices and operate across four continents in 70 countries. We are home to over 250 professionals from around the world, working together to serve more than 230 luxury clients.

At CXG, we love to evolve, elevate, and transform experiences while bringing brand promises to life. We offer strategic solutions that impact performance and elevate the customer experience of some of the world’s most iconic premium and luxury brands.

What you will be doing:

The Security Engineering Lead owns and continuously improves the organization’s security posture across cloud platforms, enterprise systems, applications, AI solutions, and third-party services.

This is a hands-on leadership role combining governance, engineering validation, automation, and client-facing security representation. Security must be embedded into architecture, development workflows, AI adoption, and operational practices in a scalable and structured way.

Your duties will also involve:

Key Responsibilities

1. Security Governance & Risk

  • Own and maintain the ISMS aligned with ISO 27001
  • Manage risk assessment frameworks, policies, and security KPIs
  • Ensure alignment with client security requirements
  • Drive continuous maturity improvement

2. Vulnerability Management & Testing

  • Operate a structured vulnerability management program
  • Conduct internal scans and coordinate external penetration testing
  • Validate remediation and track resolution progress
  • Provide structured reporting on risk posture

3. Application & DevSecOps Security

  • Define secure coding standards and security gates
  • Implement SAST, DAST, and dependency scanning
  • Integrate security into CI/CD pipelines
  • Review high-risk features and validate remediation

Automation-first approach, with targeted manual validation when required.

4. Cloud, Infrastructure & Enterprise Security

  • Define and validate cloud security baselines
  • Review IAM models, network segmentation, firewall and WAF controls
  • Ensure encryption, logging, monitoring, and least-privilege principles
  • Lead Microsoft 365, Defender, endpoint, and identity security governance

Hands-on ownership of enterprise security controls.

5. Third-Party & Vendor Security

  • Assess vendor security posture prior to adoption
  • Maintain vendor risk framework
  • Respond to client security questionnaires and due diligence
  • Support contract-level security discussions

6. AI & Tool Security Governance

  • Assess security implications of new tools and AI platforms
  • Define guardrails for responsible AI and data usage
  • Ensure secure-by-design technology adoption

7. Incident Response & Preparedness

  • Maintain incident response plans and escalation procedures
  • Coordinate security incidents across environments
  • Lead post-incident reviews and corrective actions

8. Security Culture & Enablement

  • Promote security awareness and best practices
  • Train teams on secure development and operations
  • Continuously improve automation and controls

Security is a business enabler, not a blocker

Requirements

What you will bring along:

  • 5+ years in cybersecurity, cloud security, or security engineering
  • Proven experience securing cloud and SaaS environments
  • Hands-on vulnerability management and penetration testing coordination
  • Experience implementing automated security controls
  • Experience with enterprise identity and endpoint security platforms
  • Vendor security assessment experience
  • ISO 27001 or similar governance exposure
  • Experience interacting with clients on security matters

Technical Skills

  • Strong cloud security and architecture validation expertise
  • Network security, firewall, and web application protection knowledge
  • DevSecOps and CI/CD security integration
  • Application vulnerability assessment capability
  • AI and third-party tool risk evaluation

Soft Skills

  • Strong ownership mindset
  • Risk-based decision making
  • Clear communicator with technical and non-technical stakeholders
  • Comfortable in client-facing discussions
  • Structured and composed during incidents
  • Automation and continuous improvement oriented

About the job

Apply before

Posted on

Job type

Contractor

Experience level

Senior

Experience

5 years minimum

Location requirements

Morocco

Hiring timezones

Morocco +/- 0 hours

Job categories

Security EngineeringCloud SecurityDevSecOpsInformation SecuritySecurity Management

Skills

CybersecurityCloud SecuritySecurity EngineeringVulnerability ManagementPenetration TestingISO 27001SASTDASTCI CDDevSecOpsCloud ArchitectureNetwork SecurityFirewallsIAMOffice 365Endpoint SecurityVendor AssessmentIncident ResponseRisk AssessmentAI SecurityCulture AmpGuardRailsRemoteTransform Remote

About CXG

Learn more about CXG and their company culture.

View company profile

The story of Customer Experience Group (CXG) is a journey of evolution, born from a keen observation in a high-end mall in Shanghai in 2005. It was there that founder Christophe Caïs noticed a significant gap between the luxurious promise of high-end brands and the actual in-store customer experience. This realization sparked an idea: to help these brands bridge that gap by gaining a deeper understanding of their customers. This led to the birth of Albatross in 2006, a company specializing in measuring customer experience. The venture quickly gained traction, securing its first client, Benetton Sisley, in the same year. The initial success, fueled by referrals and word-of-mouth, propelled Albatross's expansion across China and the wider APAC region, with offices opening in Beijing, Guangzhou, Hong Kong, Tokyo, Seoul, Taipei, and Singapore between 2007 and 2010. However, providing actionable insights was only half the battle; clients often struggled with implementation. To address this, Face2Face, a specialist CX training business, was launched in 2010 to equip retail managers and staff with the skills to deliver exceptional customer experiences.

The 2010s marked a period of global expansion for the group, moving into Europe to be closer to key decision-makers for international brands. New offices were established in Paris, London, Moscow, and New York. A significant project in the United Arab Emirates led to the discovery of Dubai as a vibrant, business-friendly hub, strategically located between the North American, European, and APAC markets. This led to the decision to establish the company's headquarters in Dubai. As client relationships deepened, the need for a more unified and strategic proposition became clear. In 2017, the Customer Experience Group (CXG) was born, uniting the various solutions under one stronger, more cohesive brand. The goal was to be a strategic partner that could guide clients on their entire customer experience journey. The final evolution came in 2021, amidst the challenges of the Covid-19 pandemic. The company took the opportunity to strategically review its clients' evolving needs and its own business operations. From this, CXG emerged as a single, unified brand with a clear vision: to be the preferred customer experience transformation partner for premium and luxury brands worldwide. The journey that began with a simple observation continues, driven by a relentless commitment to transforming customer experiences and creating meaningful impact for its clients.

Employee benefits

Learn about the employee benefits and perks provided at CXG.

View benefits

Paid vacation

Offers extra paid annual leave.

Hybrid Work Policy

Progressive hybrid-work policy.

Flexible working hours

Offers flexible working hours to accommodate employees' needs.

Paid training

Provides paid training opportunities for professional development.

View CXG's employee benefits
Claim this profileCXG logoCX

CXG

Company size

201-500 employees

Founded in

2017

Chief executive officer

Christophe Caïs

Markets

Business ConsultingGlobal Expansion ServicesCustomer ExperienceLuxury RetailRetail ConsultingMarket ResearchMystery ShoppingBrand StrategyConsumer InsightsTraining And Development

Employees live in

United Arab Emirates
View company profile

Similar remote jobs

Here are other jobs you might want to apply for.

View all remote jobs

27 remote jobs at CXG

Explore the variety of open remote roles at CXG, offering flexible work options across multiple disciplines and skill levels.

View all jobs at CXG
Top remote companies

Remote companies like CXG

Find your next opportunity by exploring profiles of companies that are similar to CXG. Compare culture, benefits, and job openings on Himalayas.

View all companies

Find your dream job

Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan
Save
Apply now
CXG hiring Security Engineering Lead • Remote (Work from Home) | Himalayas