Senior Manager in Regulatory Compliance ensuring effective risk management within the Information Security Group. Overseeing regulatory compliance and governance while leading automation efforts.
About the role
- Security Lead at Qargo overseeing security strategy and implementation for a cloud-native transport platform. Collaborating with engineering to ensure compliance and resiliency across Europe.
Responsibilities
- Security Strategy: Lead and evolve Qargo’s security roadmap across infrastructure, applications, and internal ecosystems.
- Engineering Partnership: Partner with development teams to "shift left," embedding security through threat modeling, automated code reviews, and architectural deep-dives.
- Vulnerability Management: Own the end-to-end lifecycle of vulnerability discovery—from automated scanning and prioritization to hands-on remediation.
- Cloud & Infrastructure: Design and maintain a secure, least-privilege cloud architecture (AWS/GCP/Azure), focusing on IAM, network segmentation, and advanced logging.
- Security Tooling: Implement and optimize our security stack, including SIEM, EDR, WAF, and secrets management.
- Incident Response: Drive our incident response capabilities—managing triage, containment, and post-mortem analysis to ensure continuous improvement.
- Platform Hardening: Secure our Kubernetes clusters, container workloads, and deployment pipelines against modern attack vectors.
- Compliance & Audits: Support our ISO 27001 and SOC 2 efforts by building scalable, automated compliance workflows.
- Knowledge Sharing: Create clear security guidelines, runbooks, and playbooks that empower the wider engineering team.
Requirements
- Core Security Knowledge
- Deep understanding of Secure-by-Design principles, defense-in-depth, and the principle of least privilege.
- Extensive experience in threat modeling and security architecture reviews.
- A strong grasp of the OWASP Top 10 and common API/application vulnerabilities.
- Technical Skills
- Strong Linux and Networking fundamentals (TCP/IP, DNS, TLS, HTTP/S).
- Hands-on experience securing Public Cloud environments (IAM, VPC, Logging).
- Ability to script and automate (Python, Go, or Bash) to scale security operations and reduce manual toil.
- Application and Platform Security
- Proficiency in modern AuthN/AuthZ patterns (OAuth2, OIDC, JWT).
- Experience with Kubernetes and container security (image scanning, runtime policies).
- Familiarity with securing CI/CD pipelines and automated deployment workflows.
- Operational and Compliance Experience
- Experience working within security frameworks such as ISO 27001, SOC 2, or NIST.
- A strong mindset for observability, monitoring, and proactive alerting.
Benefits
- Technical Ownership: The authority to shape the security posture of a major European SaaS platform.
- Innovation: Work with a modern tech stack in a company that values technical craftsmanship over bureaucracy.
- Ghent Tech Hub: Be part of a talented, international engineering team based in the heart of Ghent.
- Scale-up Growth: Opportunities to grow professionally as the company expands its footprint across Europe.
- Flexible Working: A supportive, hybrid work environment that trusts you to manage your own impact.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Information Security Engineer overseeing security tasks, ensuring implementation of security controls. Collaborating with legal and technical teams in a professional office environment.
Security Administrator managing security across cloud and on - premises environments at Homecare Homebase. Collaborating with teams for patient care systems security and compliance.
Principal Security Engineer shaping security strategy for enterprise IT systems and software products at RedCloud. Leading a team to ensure robust security practices for business growth.
Project Manager for cybersecurity at Consort Group, leading security solution implementations and client engagement. Collaborating within teams to execute comprehensive cybersecurity projects while ensuring client satisfaction.
Infrastructure Security Consultant deploying and implementing network security solutions at Consort Group. Responsible for analyzing and producing comparative syntheses of security solutions with a hybrid work arrangement.
Cyber Security Engineer responsible for application security and vulnerability management for Consort Group. Supporting secure development practices and collaborating with development teams to identify and mitigate security risks.
Cybersecurity Intern supporting Keenova's security program through hands - on experiences and mentorship. Engaging in various cybersecurity functions and contributing to meaningful projects.
Senior Security Engineer securing Cloudflare's global network and enterprise infrastructure. Working closely with engineering, IT, and compliance teams to address security risks at scale.
Senior IAM Systems Support Analyst providing L2 support expertise for CyberArk Agentic AI. Collaborating with security and development teams on IAM operations and compliance.