Security Compliance Engineer

Feedzai is the world’s first RiskOps platform for financial risk management, and the market leader in safeguarding global commerce with today’s most advanced cloud-based risk management platform, powered by machine learning and artificial intelligence. Feedzai is securing the transition to a cashless world while enabling digital trust in every transaction and payment type. The world’s largest banks, processors, and retailers trust Feedzai to protect trillions of dollars and manage risk while improving the customer experience for everyday users, without compromising privacy. Feedzai is a Series D company and has raised $282M to date. With a valuation of $2 billion, our technology protects 1 billion consumers and 90 billion transactions each year.

The Security Team keeps Feedzai products and systems secure. We work on risk reduction and security issue mitigation as we continue to move forward and grow. We maintain compliance and security best practices aligned with industry standards, as we work in a very regulated environment and do develop our own software and services. The Security Team is involved from the beginning of production to meet and exceed our client expectations and be the top SME in the industry. We run our own Security Operations Center services and incident response with state of the art tools. We are dynamic, tenacious, and driven by our passion for fighting financial fraud and crime with our socially responsible products. Join Us!

You:

We are looking for a Senior Security Compliance Engineer. You will be responsible for making sure that both our software & our infrastructure is safe, helping to protect our customers.

Your Day to Day:

Ensure compliance with core applicable standards and regulations (PCI DSS, ISO/IEC 27001 and 27701, SOC 2, NIST, GDPR) & participate in the audit processes;

Support clients, vendors, and regulatory audits, assessments, and information security requests;

Review, implement and oversight the effectiveness of Feedzai's security framework as well as ensuring their effectiveness;

Perform security risk assessments and provide prioritized remediation recommendations;

Develop, review, and maintain policies, processes, and standards and implement procedures, controls, and other measures to ensure compliance with internal and legal regulations and requirements.

You have & You Know-How

Knowledge of compliance and regulatory frameworks (PCI DSS, ISO/IEC 27001, SOC 2, NIST, CIS, GDPR, etc.);

Understanding of cloud security concepts (e.g.: Amazon Web Services (AWS) IAM, GCP or Azure security principles, etc.) and integrating security controls through DevOps and Infrastructure as a Service (IaaS) techniques;

Excellent communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner.

Knowledge of container orchestration systems such as Kubernetes is welcomed.

Experience working with Generative AI (GenAI) tools is a plus.