Design, implement, and manage security measures to protect our web-app services, cloud infrastructure (AWS, GCP, Azure) components and any integrations with external APIs

• Develop and maintain policies and processes to incorporate early detection of security issues and adherence to best practices in cybersecurity in product development 

• Conduct regular manual security assessments and vulnerability scans of web applications, APIs, and cloud environments.

• Implement and manage security tools and technologies, including firewalls, VPN, intrusion detection/prevention systems, automated vulnerability scanners, and endpoint protection solutions.

• Monitor and analyze security events and incidents, providing timely response and mitigation strategies.

• Collaborate with development and DevOps teams to integrate security best practices into the software development lifecycle (SDLC).

• Ensure compliance with relevant security frameworks and regulations (e.g., ISO 27001, NIST, CIS, etc.).

• Manage SOC2 compliance audit

• Conduct security training and awareness programs for employees.

• Stay current with emerging security threats, vulnerabilities, and mitigation techniques.

• Lead and mentor teams working on infrastructure components related to security practices.

• Uphold our culture of engineering excellence

• Collaborate with the leadership team in related research and development efforts