Engineering Manager (Security & Compliance)

Yassir is the leading super App in the Maghreb region set to changing the way daily services are provided. It currently operates in 45 cities across Algeria, Morocco and Tunisia with recent expansions into France, Canada and Sub-Saharan Africa. It is backed (~$200M in funding) by VCs from Silicon Valley, Europe and other parts of the world. We offer on-demand services such as ride-hailing and last-mile delivery. Building on this infrastructure, we are now introducing financial services to help our users pay, save and borrow digitally. Helping usher the continent into a digital economy era. We’re not just about serving people - we’re about creating a marketplace to bring people what they need while infusing social values.
Role Overview:As the Engineering Manager (Security & Compliance), you will play a pivotal role in ensuring the security and compliance of our products and systems. You will collaborate with cross-functional teams, drive best practices, and champion security initiatives.

As an Engineering Manager with your team, you will focus on:

• Developing and Implementing Policies: Creating and enforcing security and compliance policies and procedures to ensure adherence to regulatory requirements and industry best practices.
• Risk Assessment and Management: Identifying, assessing, and mitigating security risks and compliance gaps through regular audits, vulnerability assessments, and risk management strategies.
• Security Architecture and Design: Designing and implementing secure network architectures, systems, and applications to protect against unauthorized access, data breaches, and other security threats.
• Security Monitoring and Incident Response: Monitoring systems and networks for security breaches or incidents, and responding promptly to mitigate the impact, investigate root causes, and implement corrective actions.
• Compliance Audits and Reporting: Conducting internal and external compliance audits to ensure adherence to regulatory standards, industry certifications, and contractual obligations, and preparing reports for stakeholders.
• Security Awareness Training: Providing ongoing security awareness training and education to employees to promote a culture of security and compliance within the organization.
• Vendor and Third-Party Risk Management: Assessing the security posture of vendors and third-party service providers, and implementing risk management strategies to protect against supply chain vulnerabilities.
• Data Protection and Privacy: Implementing measures to protect sensitive data, including encryption, access controls, and data loss prevention, to ensure compliance with data protection regulations and safeguard customer privacy.
• Incident Response Planning: Developing and maintaining incident response plans and procedures to guide the organization's response to security incidents, data breaches, and other emergencies.
• Continuous Improvement: Continuously evaluating and improving security and compliance processes, technologies, and controls to adapt to evolving threats and regulatory requirements.

You may be a fit for this role if you have some of these inclinations:

• Bachelor's or master’s degree in a related field such as cybersecurity or information technology. Advanced degrees or relevant certifications are a plus.
• Experience working in a rapidly growing startup.
• Proven experience in emergency management, incident response, or crisis communication, preferably in a security or compliance-focused role.
• Strong understanding of security frameworks, compliance standards (e.g., GDPR, HIPAA, PCI DSS), and regulatory requirements relevant to the organization's industry.
• Excellent leadership and interpersonal skills with the ability to effectively communicate and collaborate with cross-functional teams.
• Crisis management experience, including the ability to remain calm and make sound decisions under pressure.
• Analytical mindset with the ability to assess complex situations, identify root causes, and develop effective solutions.
• Strong project management skills with the ability to prioritize tasks, manage resources, and meet deadlines in a fast-paced environment.
• Commitment to continuous learning and professional development to stay abreast of evolving threats and best practices in emergency management and cybersecurity.

Projects you could work on:

• Establishing and maintaining information security strategy for developing company
• Setting up SSDLC process in the product focused company
• Setting security operations processes and enabling security monitoring

At Yassir, we believe in the power of diversity and the importance of an inclusive culture. So, if you're ready to bring your unique perspective and experiences to the table, then we're excited to listen.
Don't just apply for a job, come and be a part of our journey. Let's create a better tomorrow together.
We look forward to receiving your application!
Best of luck,Your Yassir TA Team