Security Engineer at Matrixport

Job Description

Key Responsibilities

• Strategic Compliance Leadership: Drive the strategy, design, and implementation of a comprehensive compliance framework. Lead initiatives for achieving and maintaining certifications such as ISO 27001, ISO 27701, and SOC 1/2 reports.
• Risk Management & Assurance: Own the end-to-end third-party risk management program. Act as the primary point of contact for all regulatory and client-driven due diligence, leading responses to security assessments and audits.
• In-depth Control Assessment: Lead and perform internal and external security and control assessments. Report findings to senior leadership, providing strategic recommendations and driving remediation efforts to mitigate risks effectively.
• Process Architecture & Enhancement: Proactively identify and assess emerging risks and compliance requirements. Architect process enhancements to ensure our security controls remain robust and effective against evolving threats.
• Stakeholder Influence & Advisory: Serve as an advisor to technical and business stakeholders. Provide expert guidance on compliance implications for new products and business initiatives, ensuring security is embedded from the outset.

Job Requirements

• Proven experience in designing and implementing compliance frameworks and achieving certifications like ISO 27001, ISO 27701, and SOC 1/2.
• Strong background in risk management, third-party risk assessment, and regulatory due diligence.
• Experience leading security and control assessments and presenting findings to senior leadership.
• Ability to identify emerging risks and architect process improvements to enhance security controls.
• Excellent stakeholder management skills, with the ability to advise both technical and business teams on compliance matters.
• Strong analytical and problem-solving skills, with a strategic mindset.