Job Description

Richmond Hill, ON

Who We Are

Embross delivers market-leading passenger automation and self-service technologies to the global travel market. That last flight you jumped on, there is a good chance an Embross hardware or software solution helped facilitate part of your airport experience. The world's leading airlines and airports use Embross' range of service technologies to help make the passenger travel experience faster, simpler, and less stressful. For our partners, that translates to offering more flights, more often with more (happy) passengers on board.


So, what's great about what we do? We get to think creatively across a diverse solution stack of hardware and software to solve service and operations challenges for the world's

What You'll Do

We pride ourselves on staying ahead of the curve as we help our customers optimize and improve their service delivery models. We're excited to be entering a new transformative phase of our stack as we explore new products, and new capabilities and embrace the growing data-driven demands of these environments.


As the

Security Risk and Compliance Lead

, you will be responsible for driving the maturity of our cybersecurity program, ensuring regulatory alignment, and enabling the business to meet customer expectations with confidence and speed. You'll work across teams to implement controls, respond to risks, and streamline compliance efforts.

In this role, You will:Strategic & Customer-Facing Responsibilities

Strategic & Customer-Facing Responsibilities

Lead Security Posture for RFPs and Customer Engagements: Own the security and compliance sections of RFPs, questionnaires, and due diligence requests. Ensure our posture meets or exceeds customer expectations and streamline responses for faster turnaround. Ensure Regulatory and Contractual Compliance: Maintain alignment with GDPR, ISO27001, and other applicable standards. Track obligations and proactively address gaps. Develop and Maintain Cybersecurity Policies: Create and update documentation to reflect current practices and regulatory requirements. Ensure policies are accessible, actionable, and auditable.

Program Execution & Governance

Drive Cybersecurity Initiatives and Project Execution: Lead planning, tracking, and delivery of security-related projects across infrastructure, engineering, and business teams. Manage Vulnerability Remediation Efforts: Coordinate with stakeholders to prioritize and resolve findings from scans, assessments, and penetration tests. Support Disaster Recovery and Incident Response Planning: Help develop, test, and maintain business continuity and incident response plans

Operational & Technical Oversight

Monitor and Respond to Security Alerts: Triage inbound alerts from SIEM, endpoint protection, and cloud platforms. Escalate and coordinate response as needed. Introduce Security into Development Workflows: Collaborate with engineering teams to embed secure coding practices and DevSecOps principles. Support SBOM Creation and Compliance: Assist in building and maintaining Software Bills of Materials to meet regulatory and customer requirements.

Culture & Awareness

Lead Security Roundtables and Awareness Efforts: Facilitate discussions, training, and campaigns to promote best practices and a security-first mindset across departments.

Who You Are

You have a

post-secondary degree in cybersecurity or a related field

, or equivalent real-world experiencein security operations and compliance.

3+ years of hands-on experience

in SOC operations, policy creation, and security program execution. Familiarity with

alert management platforms

,

SIEM tools

, and

vulnerability scanning solutions

. Solid understanding of

secure software development practices

and DevSecOps principles. Working knowledge of

GDPR

,

ISO27001

, and other relevant compliance frameworks. Strong

analytical and communication skills

, with the ability to translate technical risks into business impact. Proven ability to deliver

exceptional customer service

, including clear communication, effective problem-solving, and professionalism when engaging with internal and external stakeholders. Self-motivated, organized, and capable of working independently with minimal supervision. Excellent

written and verbal communication skills

in English. Bonus If You Also Have

Industry-recognized certifications

such as CISSP, CISM, or CompTIA Security+.

Experience with SBOM tools

and familiarity with secure coding standards (e.g., OWASP, NIST SSDF).

Exposure to penetration testing and threat modeling

, including coordination with external assessors or internal red teams. Hands-on experience with

Microsoft Defender

,

Microsoft Sentinel

,

Nessus

,

Jira

, and

compliance management platforms

such as Microsoft Compliance Manager, Drata, or Vanta. Familiarity with

automating compliance workflows

, tracking evidence, and responding to audits or customer assessments efficiently.

Travel

You will be working from the Richmond Hill, Office. However, you will be expected to travel to each company site at least once annually to support cross-functional collaboration, participate in planning sessions, and maintain strong relationships with stakeholders.

What We Offer

World-class product engineering and development

- You will join a team of leaders who are dedicated to creating innovative and impactful solutions for our clients and their customers.

Career growth and development

- As a build-from-within company, we are committed to offering you a competitive salary package with responsibilities and projects designed to build mastery and leadership throughout the course of your career.

Dynamic and respectful work environment

- Working alongside some of the brightest minds, you will collaborate on impactful work within a supportive environment - one where company values are always embraced and expressed, and diversity is a business imperative.
To support our talented workforce, apart from the base salary, we also offer:


Employer-paid Health, wellness, and lifestyle benefits to balance your heart, mind, and body which includes Health, Dental, Vision, Life Insurance STD and LTD Benefits.*
A minimum of 3% of your base salary towards GRSP as an employer contribution. Opportunity to participate in the Performance-based Profit-Sharing Program and earn up to an additional 15% of your Base Salary. Flexible working environment. Frequent social events - BBQ, Bowling, Picnics, Food drives, parties, and a lot more.
Embross values diversity and people of all backgrounds and abilities. Should you require any accommodations prior to or during the interview process, please email careers@embross.com


Job Types: Full-time, Permanent


Work Location: In person