Engineering Manager (Security & Compliance)

As an Engineering Manager with your team, you will focus on:

• Developing and Implementing Policies: Creating and enforcing security and compliance policies and procedures to ensure adherence to regulatory requirements and industry best practices.
• Risk Assessment and Management: Identifying, assessing, and mitigating security risks and compliance gaps through regular audits, vulnerability assessments, and risk management strategies.
• Security Architecture and Design: Designing and implementing secure network architectures, systems, and applications to protect against unauthorized access, data breaches, and other security threats.
• Security Monitoring and Incident Response: Monitoring systems and networks for security breaches or incidents, and responding promptly to mitigate the impact, investigate root causes, and implement corrective actions.
• Compliance Audits and Reporting: Conducting internal and external compliance audits to ensure adherence to regulatory standards, industry certifications, and contractual obligations, and preparing reports for stakeholders.
• Security Awareness Training: Providing ongoing security awareness training and education to employees to promote a culture of security and compliance within the organization.
• Vendor and Third-Party Risk Management: Assessing the security posture of vendors and third-party service providers, and implementing risk management strategies to protect against supply chain vulnerabilities.
• Data Protection and Privacy: Implementing measures to protect sensitive data, including encryption, access controls, and data loss prevention, to ensure compliance with data protection regulations and safeguard customer privacy.
• Incident Response Planning: Developing and maintaining incident response plans and procedures to guide the organization's response to security incidents, data breaches, and other emergencies.
• Continuous Improvement: Continuously evaluating and improving security and compliance processes, technologies, and controls to adapt to evolving threats and regulatory requirements.

You may be a fit for this role if you have some of these inclinations:

• Bachelor's or master’s degree in a related field such as cybersecurity or information technology. Advanced degrees or relevant certifications are a plus.
• Experience working in a rapidly growing startup.
• Proven experience in emergency management, incident response, or crisis communication, preferably in a security or compliance-focused role.
• Strong understanding of security frameworks, compliance standards (e.g., GDPR, HIPAA, PCI DSS), and regulatory requirements relevant to the organization's industry.
• Excellent leadership and interpersonal skills with the ability to effectively communicate and collaborate with cross-functional teams.
• Crisis management experience, including the ability to remain calm and make sound decisions under pressure.
• Analytical mindset with the ability to assess complex situations, identify root causes, and develop effective solutions.
• Strong project management skills with the ability to prioritize tasks, manage resources, and meet deadlines in a fast-paced environment.
• Commitment to continuous learning and professional development to stay abreast of evolving threats and best practices in emergency management and cybersecurity.

Projects you could work on:

• Establishing and maintaining information security strategy for developing company
• Setting up SSDLC process in the product focused company
• Setting security operations processes and enabling security monitoring