Risk and Compliance Specialist, Information Security

Who are we?

noon is the largest e-commerce player in the Middle East and is quickly becoming the go-to platform for all online customer needs. We've built a full-fledged ecosystem of products and services in e-commerce, quick-commerce, food, fintech, grocery, and fashion—and we're just getting started.

We are a team of dynamic professionals who are aggressively ambitious, rapidly scaling, and uniquely positioned to capitalize on the rapid adoption of e-commerce in the Middle East.

We're on an unconventional mission, doing something that has never been done before. We are developing the future of online shopping, and we're looking for top talent to join us on our mission.

Job Description

At noon, we recognize risk, compliance, and governance's importance and value to the broader Information Security program success. Therefore, We are seeking a Risk and Compliance Specialist to focus on building a security assurance program that enables our companies to meet regional/global regulatory and compliance requirements.

We are excited to have someone join the team with broad compliance, risk, and technical experience. This role will acquire and nurture collaborations with Legal, Internal Audit, the broader Infosec department, and other Engineering functions to drive a data-centric security assurance strategy.

Department: Information Security

Role:

• Own all aspects of the compliance requirements, including the management and implementation of the key controls of PCI-DSS, ISO 27001, SOC 2 across our group of companies.
• Overseeing the design and implementation of the Vendor risk assessment program and liaising with outside vendors/suppliers regarding security and compliance measures.
• Confirm vendor controls and advise remediation activities. Prioritize, log, report all events, progress, and challenges regularly to higher management.
• Execute projects related to data privacy gap assessments/Audits.
• Development of data privacy framework including TOM, policies, procedures, and templates
• Development & implementation of data privacy processes (e.g., Consent Management, DSAR requests, Data Privacy incident management, etc.)
• Perform Gap Analysis and Risk Assessment as per the defined scope.
• Effectively write and communicate audit, assessment or compliance results, findings, and recommendations to stakeholders.
• Leveraging engineering principles to address compliance challenges.
• Provide Subject-Matter-Expert guidance on the org-wide risk management program and risk appetite.
• Periodic review and revision of all company policies and procedures.

Required Skills :-

• Bachelor's degree, or equivalent experience, in Computer Science, Engineering, Mathematics or a related field.
• Experience in international standards and local regulatory requirements related to payment security, data privacy and protection.
• Experience advising customers on architectures meeting industry standards such as PCI DSS, ISO 27001, GDPR, and NIST/DoD frameworks
• Must have at least 2 years in managing regulatory and compliance framework requirements (e.g., PCI DSS, SOC2, ISO27001, ISO 27701, GDPR, NCA/NDMO data privacy framework)
• Hands-on experience analyzing and applying compliance requirements to security practices
• Ability to monitor and keep current with changes and trends in the regulatory landscape.
• Experience in Data Protection Impact Assessments.
• Performing security risk assessments.
• Development of security policies and procedures.

Preferred Qualifications :-

• PCI DSS Qualified Security Assessor (QSA) Certification is a plus
• GDPR practice and certification
• CISSP/ CISA/ CISM or equivalent preferred
• A hands-on technical background is preferred.
• Able and comfortable wearing multiple hats.
• Establishes industry expertise through writing, speaking, shipping open-source projects, or online presence.

Who will excel?

'noon isn't for everyone. And that's okay.' This is one of our core operating principles.

We're looking for resourceful doers. Thinkers who are both creative and analytical. Problem solvers who are enthusiastic about delivering results. Our ideal candidate will be comfortable in a fast-paced, multi-tasked, high-energy and often ambiguous environment.

If the above values resonate with you, then noon might be the place for you.