Security and Compliance Specialist

Optimove is a global marketing tech company, recognized as a Leader by Forrester and a Challenger by Gartner. We work with some of the world's most exciting brands, such as Sephora, Staples, and Entain, who love our thought-provoking combination of art and science. With a strong product, a proven business, and the DNA of a vibrant, fast-growing startup, we're on the cusp of our next growth spurt. It's the perfect time to join our team of ~450 thinkers and doers across NYC, LDN, TLV, and other locations, where 2 of every 3 managers were promoted from within. Growing your career with Optimove is basically guaranteed.

We are looking for a highly skilled Security and Compliance Specialist to drive the company's security and compliance initiatives across our multi cloud environments and services. This is a technical, hands-on role responsible for securing applications, IT infrastructure, customer data, and employee endpoints, while ensuring compliance with industry standards. The role also includes leading audits (ISO 27001, SOC 2 Type 2), regulations like GDPR and HIPPA, supporting customer security inquiries, and assisting the field departments (sales, marketing) with security-related needs.

Responsibilities:

Security Implementation:

Implement security across multi cloud environments (GCP, AWS, Azure) covering applications, DevSecOps oriented, IT systems, and endpoints.

Continuously remediate vulnerabilities.
Assist with incident response efforts, including root cause analysis and the implementation of remediation plans.
Cloud Security:
Oversee the security posture in multi-cloud environments (AWS, GCP, Azure) and services (such as Snowflake, MongoDB, Auth0 and others)
Familiarity with SIEM, CSPM and DSPM systems, SAST, DAST and CI/CDs
Vendor and Corporate Security Assessment:
Perform security assessments of third-party vendors and partners to ensure compliance with corporate security standards.
Implement vendor management processes to maintain security controls and compliance across all third-party relationships.
Customer Security Support:
Answer customer security-related questions and assist in responding to RFPs and security questionnaires.
Support field departments (sales, marketing, etc.) by addressing security concerns, creating customer-facing security documentation, and maintaining a knowledge base with answers to common security inquiries.
Data Security and Privacy:
Protect customer data, including PII, using encryption, DLP strategies, and access controls.
Enhance email security controls such as DMARC, DKIM, and SPF to protect against phishing and email fraud.
Compliance and Auditing:
Experience with security audits such as ISO 27001, SOC 2, and ensure compliance with global regulations (GDPR, HIPAA, etc.).
Conduct penetration tests and vulnerability assessments, implementing remediation strategies based on findings.

Qualifications:

Experience:

3+ years in security roles, with at least 2 years in cloud security and compliance.
Expertise in SIEM, CSPM, DSPM , DLP, SAST, DAST and encryption tools
Experience with cloud-based SaaS platforms (B2B)
Proven experience managing security audits (ISO 27001, SOC 2) and overseeing penetration tests.
Experience responding to customer security inquiries and supporting sales and marketing teams.
Technical Skills:
Proficient in cloud security practices across AWS, GCP, and/or Azure.
Strong knowledge of email security controls such as DMARC, DKIM, and SPF.
In-depth understanding of security technologies like IAM, VPN, firewalls, IDS/IPS, and encryption.
Experience with integrating security into CI/CD pipelines through DevSecOps practices.
Familiarity with endpoint management and device security tools.
Certifications (preferred):
CCSP, CISSP, CISM, CISA, or similar security certifications.
Cloud security certifications (AWS Certified Security Specialty, Google Professional Cloud Security Engineer, etc.).
Soft Skills:
Strong leadership, communication, and documentation skills.
Ability to collaborate with cross-functional teams and handle customer-facing tasks.
Analytical mindset and problem-solving abilities.

Why Join Us?
In this role, you will play a key part in safeguarding our company's assets, supporting customer security needs, and ensuring compliance with the highest standards. You'll lead security strategies in a dynamic SaaS environment and contribute to the company's continued success and growth.