Product Security and Program Governance Lead

About Us

Swvl is a revolutionary idea that was born from passion, loyalty, and persistence to face all challenges that come our way. It started with an observation turning into a realization; too many cars on the streets, wasting our limited resources: time, space, and money.

Swvl became the first 1.5 billion unicorn in the Middle East to list on NASDAQ and is currently the 2nd best-funded startup in the MENA region. With a presence and operations in up to 22 countries worldwide and a vision to be active on 6 continents.

Our main goal is not just to facilitate commuting, but a hunger to strive for solutions, encourage the contribution of youth in innovation, and inspire change.

We are looking for an engaged and enthusiastic Engineer to join our team of talented engineers that share a common interest in distributed systems, their scalability and continued development.

About the Tribe

The Security Tribe is responsible for the overall cybersecurity program at SWVL. We are building a team that will set the strategy and execute on the security needs for the company partnering across the enterprise to build a risk aware environment. We oversee the security program while providing the expertise and the tooling to enable our engineers to build secure products and operate various security operations to ensure the security of our environment and take the lead when things go wrong.

About the Job

The Security Tribe is looking for a proven security expert to lead the Product Security and Program Governance functions at SWVL.This includes establishing the governance of the security program, education and awareness, third party oversight as well as establishing and lifting off the product security journey for the organization.

Responsibilities and Duties

• Build and lead the Security Program governance functions and establish the product/application security strategy and program for SWVL
• Create the vision for hiring strategies, technology, and security processes in this space
• Build and lead a team of high performing analysts and engineers
• Establish the policies, standards and procedures for Information Security and application/product security  for the organization
• Lead and implement security education and awareness program for the entire company including focused training for developers and engineers to build safe and secure products
• Establish and oversee third party oversight process to protect the interests of SWVL in sourcing engagements
• Build out the strategy and plan for application/product security for SWVL and a roadmap to drive maturity in our development practices collaborating with our engineering teams and servicing their needs
• Evaluate and implement open source and commercial tooling relevant to the product security needs of the organization
• Engage and oversee third parties that provide security services to augment internal staff and capabilities

Qualifications

• Broad knowledge of the Information Security domain to oversee governance programs like education and awareness, third party oversight and risk management
• Experience in and ability to contribute and execute the strategic direction for the application security program
• Management experience; hired and built high performing teams working in a fast paced environments
• Strong verbal and written communication skills; ability to communicate effectively and clearly to both technical and non-technical staff and influence extended stakeholders to drive results
• A strong understanding of software development, architecture, and application security in cloud environments
• A strong understanding of application security best practices and how to build secure software
• Strong understanding of Agile and DevOps practices