Embross delivers market-leading passenger automation and self-service technologies to the global travel market. That last flight you jumped on, there is a good chance an Embross hardware or software solution helped facilitate part of your airport experience. The world's leading airlines and airports use Embross' range of service technologies to help make the passenger travel experience faster, simpler, and less stressful. For our partners, that translates to offering more flights, more often with more (happy) passengers on board.
So, what's great about what we do? We get to think creatively across a diverse solution stack of hardware and software to solve service and operations challenges for the world's
What You'll Do
We pride ourselves on staying ahead of the curve as we help our customers optimize and improve their service delivery models. We're excited to be entering a new transformative phase of our stack as we explore new products and capabilities and embrace the growing data-driven demands of these environments.
As the Security Risk and Compliance Lead, you will be responsible for driving the maturity of our cybersecurity program, ensuring regulatory alignment, and enabling the business to meet customer expectations with confidence and speed. You'll work across teams to implement controls, respond to risks, and streamline compliance efforts.
In this role, you will:
Strategic & Customer-Facing Responsibilities
Lead Security Posture for RFPs and Customer Engagements: Own the security and compliance sections of RFPs, questionnaires, and due diligence requests. Ensure our posture meets or exceeds customer expectations and streamline responses for faster turnaround.
Ensure Regulatory and Contractual Compliance: Maintain alignment with GDPR, ISO27001, and other applicable standards. Track obligations and proactively address gaps.
Develop and Maintain Cybersecurity Policies: Create and update documentation to reflect current practices and regulatory requirements. Ensure policies are accessible, actionable, and auditable.
Program Execution & Governance
Drive Cybersecurity Initiatives and Project Execution: Lead planning, tracking, and delivery of security-related projects across infrastructure, engineering, and business teams.
Manage Vulnerability Remediation Efforts: Coordinate with stakeholders to prioritize and resolve findings from scans, assessments, and penetration tests.
Support Disaster Recovery and Incident Response Planning: Help develop, test, and maintain business continuity and incident response plans.
Operational & Technical Oversight
Monitor and Respond to Security Alerts: Triage inbound alerts from SIEM, endpoint protection, and cloud platforms. Escalate and coordinate response as needed.
Introduce Security into Development Workflows: Collaborate with engineering teams to embed secure coding practices and DevSecOps principles.
Support SBOM Creation and Compliance: Assist in building and maintaining Software Bills of Materials to meet regulatory and customer requirements.
Culture & Awareness
Lead Security Roundtables and Awareness Efforts: Facilitate discussions, training, and campaigns to promote best practices and a security-first mindset across departments.
Who You Are
You have a post-secondary degree in cybersecurity or a related field, or equivalent real-world experience in security operations and compliance.
3+ years of hands-on experience in SOC operations, policy creation, and security program execution.
Familiarity with alert management platforms, SIEM tools, and vulnerability scanning solutions.
Solid understanding of secure software development practices and DevSecOps principles.
Working knowledge of GDPR, ISO27001, and other relevant compliance frameworks.
Strong analytical and communication skills, with the ability to translate technical risks into business impact.
Proven ability to deliver exceptional customer service, including clear communication, effective problem-solving, and professionalism when engaging with internal and external stakeholders.
Self-motivated, organized, and capable of working independently with minimal supervision.
Excellent written and verbal communication skills in English.
Bonus If You Also Have
Industry-recognized certifications such as CISSP, CISM, or CompTIA Security+.
Experience with SBOM tools and familiarity with secure coding standards (e.g., OWASP, NIST SSDF).
Exposure to penetration testing and threat modeling, including coordination with external assessors or internal red teams.
Hands-on experience with Microsoft Defender, Microsoft Sentinel, Nessus, Jira, and compliance management platforms such as Microsoft Compliance Manager, Drata, or Vanta.
Familiarity with automating compliance workflows, tracking evidence, and responding to audits or customer assessments efficiently.
Travel
You will be working from the Richmond Hill office. However, you will be expected to travel to each company site at least once annually to support cross-functional collaboration, participate in planning sessions, and maintain strong relationships with stakeholders.
What We Offer
World-class product engineering and development - You will join a team of leaders who are dedicated to creating innovative and impactful solutions for our clients and their customers.
Career growth and development - As a build-from-within company, we are committed to offering you a competitive salary package with responsibilities and projects designed to build mastery and leadership throughout the course of your career.
Dynamic and respectful work environment - Working alongside some of the brightest minds, you will collaborate on impactful work within a supportive environment - one where company values are always embraced and expressed, and diversity is a business imperative.
To support our talented workforce, apart from the base salary, we also offer:
Employer-paid health, wellness, and lifestyle benefits to balance your heart, mind, and body, which include Health, Dental, Vision, Life Insurance, STD and LTD Benefits.
A minimum of 3% of your base salary towards GRSP as an employer contribution.
Opportunity to participate in the Performance-based Profit-Sharing Program and earn up to an additional 15% of your Base Salary.
Flexible working environment.
Frequent social events - BBQ, Bowling, Picnics, Food drives, parties, and a lot more.
Embross values diversity and people of all backgrounds and abilities. Should you require any accommodations prior to or during the interview process, please email careers@embross.com
Job Types: Full-time, Permanent
Work Location: In person