Security Engineer at Matrixport

Job Description

Key Responsibilities

• Strategic Compliance Leadership: Drive the strategy, design, and implementation of a comprehensive compliance framework. Lead initiatives for achieving and maintaining certifications such as ISO 27001, ISO 27701, and SOC 1/2 reports.
• Risk Management & Assurance: Own the end-to-end third-party risk management program. Act as the primary point of contact for all regulatory and client-driven due diligence, leading responses to security assessments and audits.
• In-depth Control Assessment: Lead and perform internal and external security and control assessments. Report findings to senior leadership, providing strategic recommendations and driving remediation efforts to mitigate risks effectively.
• Process Architecture & Enhancement: Proactively identify and assess emerging risks and compliance requirements. Architect process enhancements to ensure our security controls remain robust and effective against evolving threats.
• Stakeholder Influence & Advisory: Serve as an advisor to technical and business stakeholders. Provide expert guidance on compliance implications for new products and business initiatives, ensuring security is embedded from the outset.

Job Requirements

• Proven experience in compliance leadership, risk management, and security assessments.
• Strong knowledge of industry standards such as ISO 27001, ISO 27701, and SOC 1/2.
• Excellent communication and stakeholder management skills.
• Ability to architect and implement process improvements.
• Experience in advising technical and business teams on compliance and security matters.