About noon
We’re building an ecosystem of digital products and services that power everyday life across the Middle East—fast, scalable, and deeply customer-centric. Our mission is to deliver to every door every day. We want to redefine what technology can do in this region, and we’re looking for a Security Engineer who can help us move even faster.
noon’s mission: Every door, every day.
What you'll do:
We are seeking a dedicated professional with extensive experience in Governance and Compliance. The ideal candidate will possess a strong background in managing information security and compliance risks, ensuring that our organization adheres to the highest standards of security and regulatory requirements. This role requires a proactive individual who can effectively collaborate with internal stakeholders to develop and implement robust security measures.
In this position, you will be responsible for a variety of tasks, including overseeing security operations, data protection, managing crisis situations, and ensuring compliance with relevant regulations. You will also be involved in risk management and other Governance, Risk, and Compliance (GRC) functions. Your ability to multitask and handle multiple priorities simultaneously will be crucial to your success in this role.
Strong communication skills are essential, as you will need to convey complex security concepts to both technical and non-technical stakeholders. We value individuals who can work independently while also being a team player, contributing to a collaborative and supportive work environment. If you are passionate about security and compliance and have a proven track record in these areas, we encourage you to apply for this exciting opportunity.
Responsibilities:
- Collaborate with multiple organizational stakeholders to drive development, maintenance and adoption of internal security & privacy policies, standards, procedures/guidance that allow Noon Payments to comply with multiple security/privacy frameworks, contractual obligations and regulatory requirements.
- Facilitate security and privacy policy & standards lifecycle management.
- Ensure security & privacy policies and standards are communicated to appropriate audiences and accounted for in Standard Operating Procedures.
- Lead and support Noon Payments’s internal and external audit/assessment activities
- Lead and support Noon Payments's internal Risk and Compliance program execution to identify and drive remediation of Security & Privacy risks/findings.
- On an as-needed basis, advise other teams on applicability and implementing/maintaining compliance with the Privacy and Security policies and standards through their business operations.
- Develop and implement a comprehensive cloud DLP security strategy that aligns with the organization's goals and compliance requirements.
- Educate employees on the importance of data security and advise them on best practices for maintaining a secure environment.
- Assist in the compliance requirements of Microsoft Defender and Azure environments.
What you'll need:
Qualifications Required
- Bachelor’s degree in computer science, Information Technology or any other related discipline or equivalent related experience
- 3+ years of directly related or relevant experience, preferably in information security
- Hands-on experience in Microsoft Defender, Office 365, Azure and GCP.
- An ideal candidate will have strong skills in one of the following, and good skills in the third: GRC, Security, Systems Architecture, Third Party Risk Management.
- Ability to understand, track, and explain complex projects and programs run by other teams to relevant stakeholders, and to apply security & privacy frameworks & standards.
- Experience supporting cybersecurity risk or controls management programs with in-depth knowledge and experience of cybersecurity frameworks including ISO 27001, PCI-DSS, SOC, NIST CSF and other regulatory requirements
- Experience collaborating closely with engineers, business teams, and security partners, including incident response, red teams, and architects to seamlessly incorporate cybersecurity controls and risk management processes into their day-to-day operations
- Experience in supporting complex third-party audit projects in a cloud-centric environment, with a strong aptitude to understand emerging technologies to assure regulatory and compliance requirements are met
- Proficiency with Microsoft Purview DLP, including extensive experience deploying and optimizing the solution to meet complex security needs.
Skills Required
- Problem solving attitude.
- Strong drive to deliver results.
- High level of energy, enthusiasm, and passion.
- Fluent in English.
- Flexible working style.
Technologies & tools required
- Azure, GCP
- Microsoft 365
- PCI DSS
- ISO 27001:2022
- Microsoft Defender
- Microsoft Purview
Who will excel?
- We’re looking for people with high standards, who understand that hard work matters.
- You need to be relentlessly resourceful and operate with a deep bias for action.
- We need people with the courage to be fiercely original.
- noon is not for everyone; readiness to adapt, pivot, and learn is essential.
