CXG

Security Engineering Lead

CXG

contract

Posted on:

Location Type: Remote

Location: Morocco

Visit company website

Explore more

AI Apply
Apply

Job Level

Senior

Tech Stack

CloudCyber Security

About the role

  • **What you will be doing:**
  • The Security Engineering Lead owns and continuously improves the organization’s security posture across cloud platforms, enterprise systems, applications, AI solutions, and third-party services.
  • This is a hands-on leadership role combining governance, engineering validation, automation, and client-facing security representation. Security must be embedded into architecture, development workflows, AI adoption, and operational practices in a scalable and structured way.
  • **Your duties will also involve:**
  • Key Responsibilities1. Security Governance & Risk
  • - Own and maintain the ISMS aligned with ISO 27001
  • - Manage risk assessment frameworks, policies, and security KPIs
  • - Ensure alignment with client security requirements
  • - Drive continuous maturity improvement
  • 2. Vulnerability Management & Testing
  • - Operate a structured vulnerability management program
  • - Conduct internal scans and coordinate external penetration testing
  • - Validate remediation and track resolution progress
  • - Provide structured reporting on risk posture
  • 3. Application & DevSecOps Security
  • - Define secure coding standards and security gates
  • - Implement SAST, DAST, and dependency scanning
  • - Integrate security into CI/CD pipelines
  • - Review high-risk features and validate remediation
  • Automation-first approach, with targeted manual validation when required.
  • 4. Cloud, Infrastructure & Enterprise Security
  • - Define and validate cloud security baselines
  • - Review IAM models, network segmentation, firewall and WAF controls
  • - Ensure encryption, logging, monitoring, and least-privilege principles
  • - Lead Microsoft 365, Defender, endpoint, and identity security governance
  • Hands-on ownership of enterprise security controls.
  • 5. Third-Party & Vendor Security
  • - Assess vendor security posture prior to adoption
  • - Maintain vendor risk framework
  • - Respond to client security questionnaires and due diligence
  • - Support contract-level security discussions
  • 6. AI & Tool Security Governance
  • - Assess security implications of new tools and AI platforms
  • - Define guardrails for responsible AI and data usage
  • - Ensure secure-by-design technology adoption
  • 7. Incident Response & Preparedness
  • - Maintain incident response plans and escalation procedures
  • - Coordinate security incidents across environments
  • - Lead post-incident reviews and corrective actions
  • 8. Security Culture & Enablement
  • - Promote security awareness and best practices
  • - Train teams on secure development and operations
  • - Continuously improve automation and controls
  • Security is a business enabler, not a blocker

Requirements

  • **What you will bring along:**
  • - 5+ years in cybersecurity, cloud security, or security engineering
  • - Proven experience securing cloud and SaaS environments
  • - Hands-on vulnerability management and penetration testing coordination
  • - Experience implementing automated security controls
  • - Experience with enterprise identity and endpoint security platforms
  • - Vendor security assessment experience
  • - ISO 27001 or similar governance exposure
  • - Experience interacting with clients on security matters
  • Technical Skills
  • - Strong cloud security and architecture validation expertise
  • - Network security, firewall, and web application protection knowledge
  • - DevSecOps and CI/CD security integration
  • - Application vulnerability assessment capability
  • - AI and third-party tool risk evaluation
  • Soft Skills
  • - Strong ownership mindset
  • - Risk-based decision making
  • - Clear communicator with technical and non-technical stakeholders
  • - Comfortable in client-facing discussions
  • - Structured and composed during incidents
  • - Automation and continuous improvement oriented
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
cybersecuritycloud securitysecurity engineeringvulnerability managementpenetration testingautomated security controlsidentity securityendpoint securityDevSecOpsCI/CD security integration
Soft Skills
ownership mindsetrisk-based decision makingclear communicationclient-facing discussionsstructured during incidentsautomation orientedcontinuous improvement