The Role
As we continue to grow, ensuring the security and integrity of our platform is more important than ever. We're looking for a Security Engineer to help shape the future of security at Masabi, someone who's excited to build robust controls, reduce risk and support our global compliance journey.
You'll work closely with teams across the business to maintain and improve our compliance posture (PCI DSS, ISO 27001, SOC 2), drive vulnerability management and security tooling, and support audits and client commitments. This is a highly collaborative role that blends technical insight with process improvement, ideal for someone who's curious, empathetic, detail-oriented and ready to make a positive impact.
You'll report directly to the Senior Director of Corporate IT Compliance and Customer Success.
Responsibilities
Compliance & Security Controls
Own and improve security controls aligned with PCI DSS, SOC 2 and ISO 27001, supporting audits and recertifications
Ensure we stay audit-ready with control testing, documentation and remediation
Partner with internal teams and auditors to manage evidence collection and compliance outcomes
Manage and track contractual security obligations, flagging any billable work
Risk Management & Policy
Lead risk assessments, identify control gaps and recommend mitigation strategies
Manage the lifecycle of security policies and standards, making sure they're practical, up-to-date and embedded across teams
Stay ahead of regulatory changes and industry trends to proactively adjust our security approach
Vulnerability Management
Own our vulnerability scanning and triage process, prioritising risks and working with teams to close gaps within SLAs
Coordinate and follow up on biannual penetration tests
Monitor CVEs and evaluate impact across cloud infrastructure and code dependencies
Oversee patching compliance and ensure SSL certificates are up-to-date
Automate scanning, reporting and risk scoring wherever possible
Incident Response & Continuous Improvement
Own the lifecycle of security incidents, from detection and response to lessons learned
Maintain up-to-date incident response plans aligned with compliance standards
Implement and optimise tools to detect, prevent and mitigate potential threats
Lead regular security reviews across cloud environments and code repositories
Track key risk indicators (KRIs) and report on security metrics to leadership
Support the completion of RFPs and customer security questionnaires
Qualifications:
About You
Hands-on experience in security engineering, compliance or risk management
Comfortable working with PCI DSS, ISO 27001, SOC 2 and security audits
Solid understanding of vulnerability scanning, pen testing and cloud environments (AWS)
Familiar with risk assessments, mitigation strategies and patching workflows
Able to write clear documentation, reports and policies
Collaborative, curious, proactive and always looking for ways to improve
Comfortable working independently in a remote-first environment
Additional Information:
Some of our benefits
Up to 26 days of holiday per year plus the Christmas Shutdown (another 34 days)
Private healthcare
Monthly team bonding allowance
Up to 1000 training budget per year
200 to spend on your home office
Choice of workstation
Menopause support
Ability to work for up to 3 months per year from any country in the world. Certain limitations may apply
Remote Work: Yes
Employment Type: Full-time