Responsibilities - Develop, implement, and maintain a comprehensive information security program to protect our systems, applications, and data. - Conduct security assessments and vulnerability scans to identify and address potential threats and vulnerabilities across our technology stack. - Collaborate with the development and operations teams to integrate security controls and best practices into the software development lifecycle. - Design and implement access controls, authentication mechanisms, and data encryption techniques to protect sensitive information. - Stay up-to-date with the latest industry standards, best practices, and emerging threats to continuously improve our security posture. - Conduct regular security audits to evaluate the effectiveness of existing security controls. - Investigate and respond to security incidents, coordinating with relevant teams to contain and mitigate the impact. - Monitor security logs and alerts to proactively identify and remediate security issues. - Develop and deliver security awareness training to educate employees on security best practices and promote a culture of security consciousness. Requirements: - Bachelor's degree in Computer Science, Information Systems, or related field (or equivalent work experience). - Proven experience in information security engineering, with a focus on full stack security. - Strong understanding of secure coding practices and common software vulnerabilities. - Experience evaluating and implementing security controls within web applications, APIs, databases, operating systems, and network infrastructure. - Familiarity with industry-standard security frameworks and regulatory compliance requirements (e.g.,SOX, ISO 27001, NIST, GDPR, HIPAA). - Knowledge of security technologies, including firewalls, intrusion detection/prevention systems, SIEM, endpoint protection, and advanced threat intelligence.