Cybersecurity Staff Engineer

Job not on LinkedIn

🔥 16 hours ago

Apply Now
Find Similar Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Logo of NBA

NBA

11 - 50 employees

Founded 2007

🏠 Real Estate

🤝 B2B

Real Estate • B2B

NBA is an award-winning architecture and interior design studio founded in 2007 by Architect Nadia Bakhurji, based in the GCC. The firm delivers human-centered architecture and interiors across residential, offices, commercial/retail, mixed-use, master planning, and public projects, emphasizing modern design methodologies, high-quality craftsmanship, and a client-first collaborative process. NBA has an established track record of regional and international awards and works with both private developers and public-sector clients.

📋 Description

• Aggregate risk posture, control gaps, and issue status across all cybersecurity towers into cohesive dashboards and executive-ready reporting frameworks • Serve as the single point of GRC intelligence — translating disparate signals into a coherent organizational risk picture • Establish and maintain consistent metrics and KPIs that reflect compliance health across all towers • Own end-to-end issue lifecycle management — from identification through remediation — ensuring findings don't stall in handoff gaps • Build accountability mechanisms across tower leads and partner teams that keep risk closure on track without requiring direct authority • Ensure non-IT departments follow documented processes and help them address audit gaps • Escalate systemic issues and trend patterns to senior leadership with actionable recommendations • Lead all aspects of ISO 27001 certification maintenance, including evidence collection, control mapping, audit readiness, and continuous improvement • Manage relationships with external auditors and certification bodies • Ensure the program remains audit-ready year-round, not just at certification time • Contribute into our SOC 2 Type II program and lead compliance posture across applicable trust service criteria • Coordinate with engineering, IT, and operations teams to ensure controls are implemented, evidenced, and sustainable • Conduct and document Level 1 cyber risk assessments using established frameworks including NIST CSF and ISO 27001 • Maintain the enterprise cyber risk register, ensuring risks are properly rated, owned, and tracked toward resolution • Surface emerging risks tied to our industry — fan data systems, broadcast infrastructure, global event operations — with appropriate context for decision-makers • Partner with tower leads, IT, Legal, Privacy, and Procurement to align on risk priorities and drive coordinated remediation • Communicate policy and regulatory requirements in language that resonates with both technical practitioners and executive stakeholders • Operate as a trusted advisor across the organization — influencing outcomes without relying on org chart authority • Identify opportunities to replace manual compliance effort with scalable automation through GRC platforms and integrations • Drive adoption and optimization of tools such as Drata, ServiceNow GRC, OneTrust, or equivalent platforms • Stay ahead of the tooling landscape and bring forward recommendations that improve program efficiency and coverage • Maintain working knowledge of regulations relevant to our global footprint — including GDPR, CCPA, and evolving data residency requirements across international markets • Support third-party and vendor risk review processes in coordination with Legal and Procurement, ensuring vendor relationships meet our compliance standards

🎯 Requirements

• 7+ years of progressive experience in Cybersecurity GRC, Risk Management, or Compliance with exposure to both program ownership and cross-functional coordination • Demonstrated ability to manage across multiple security domains simultaneously without losing precision or accountability • Hands-on experience leading ISO 27001 certification programs and SOC 2 Type II compliance — you've owned audit cycles, not just supported them • Familiarity with one or more GRC platforms (Drata, ServiceNow, OneTrust, or comparable) • CISSP, CISM, or CRISC certification preferred • Experience in sports, entertainment, media, or other high-profile consumer-facing industries a plus

🏖️ Benefits

• medical • dental • vision • life/AD&D insurance • short- and long-term disability • fertility and family-forming assistance • wellbeing allowance • educational assistance • mental health coaching/therapy • tax advantaged accounts such as HSA and healthcare/dependent care FSAs • a 401(k) retirement plan • time off benefits that include vacation, sick time, and personal days

Apply Now

Similar Jobs

🔥 17 hours ago

Fifth Third Bank

10,000+ employees

🏦 Banking

Principal Information Security Engineer responsible for defining security tools and advancing zero trust strategies in the banking sector. Collaborating with IT teams to enhance security measures.

AWS

Cloud

Linux

🔥 17 hours ago

Fifth Third Bank

10,000+ employees

🏦 Banking

Principal Enterprise Security Architect overseeing information systems design and governance in banking at Fifth Third Bank. Collaborating with IT leadership to drive technical strategies and solutions.

Cloud

Microservices

🔥 19 hours ago

Spring Health

501 - 1000

⚕️ Healthcare Insurance

🧘 Wellness

☁️ SaaS

Vice President of Information Security leading security strategy for Spring Health, a global mental health company. Responsible for defining and advancing enterprise-wide information security strategy to protect company assets.

Cloud

Cyber Security

SDLC

🕒 Yesterday

Cisco

10,000+ employees

🔧 Hardware

🔐 Security

🏢 Enterprise

Cybersecurity Account Executive responsible for enhancing security resilience and driving sales. Develops strategies for client accounts within Cisco's comprehensive security portfolio.

🕒 Yesterday

Cisco

10,000+ employees

🔧 Hardware

🔐 Security

🏢 Enterprise

Security Account Executive driving Cisco Security growth across federal and local government agencies. Collaborating with agency leadership to adopt cybersecurity solutions.

Cyber Security