Head of Security and Compliance

Department: Engineering

Location: Global+

• Develop and implement comprehensive security strategies, policies, and procedures for IT and physical security.


• Oversee and manage all aspects of IT security, including network security, cybersecurity threats, and data protection.


• Establish robust protocols for employees and contractors in a remote-work environment, ensuring compliance with data protection standards.


• Assess security risks and implement mitigation strategies to protect company assets and personnel.


• Ensure compliance with industry regulations, data protection laws, and company policies.


• Lead the security incident response process, including investigation, reporting, resolution, business continuity and disaster recovery planning


• Monitor and evaluate the effectiveness of security measures and update policies as needed.


• Conduct regular security audits, penetration testing, tabletop exercises, and vulnerability assessments.


• Collaborate with other departments to provide security awareness training for employees.


• Develop and deliver security awareness programs that educate and empower employees at all levels.


• Manage security budgets, resources, and vendor relationships to enhance security infrastructure.


• Stay up to date with emerging security trends, threats, and technologies.

• Bachelor's or Master's degree in Cybersecurity, Information Technology, or a related field.


• Minimum of 7-10 years of experience in IT security, risk management, or a related role.


• Strong knowledge of security frameworks (ISO 27001, NIST, CIS, etc.) and compliance standards (GDPR, HIPAA, SOC 2, etc.).


• Experience with network security, VPNs, firewalls, encryption, SIEM tools, and incident response.


• Strong background in endpoint management, MDM (Mobile Device Management), and zero-trust network access


• Proven leadership experience with the ability to manage cross-functional teams.


• Excellent problem-solving, communication, and decision-making skills.


• Relevant certifications such as CISSP, CISM, CISA, or CEH are preferred.