Who we are is what we do. Deel is the all-in-one payroll and HR platform for global teams. Our vision is to unlock global opportunity for every person, team, and business. Built for the way the world works today, Deel combines HRIS, payroll, compliance, benefits, performance, and equipment management into one seamless platform. With AI-powered tools and a fully owned payroll infrastructure, Deel supports every worker type in 150+ countries—helping businesses scale smarter, faster, and more compliantly. Among the largest globally distributed companies in the world, our team of 7,000 spans more than 100 countries, speaks 74 languages, and brings a connected and dynamic culture that drives continuous learning and innovation for our customers. Why should you be part of our success story? As the fastest-growing Software as a Service (SaaS) company in history, Deel is transforming how global talent connects with world-class companies – breaking down borders that have traditionally limited both hiring and career opportunities. We're not just building software; we're creating the infrastructure for the future of work, enabling a more diverse and inclusive global economy. In 2024 alone, we paid $11.2 billion to workers in nearly 100 currencies and provided healthcare and benefits to workers in 109 countries—ensuring people get paid and protected, no matter where they are. Our momentum is reflected in our achievements and customer satisfaction: CNBC Disruptor 50, Forbes Cloud 100, Deloitte Fast 500, and repeated recognition on Y Combinator’s top companies list – all while maintaining a 4.83 average rating from 15,000 reviews across G2, Trustpilot, Captera, Apple and Google. Your experience at Deel will be a career accelerator. At the forefront of the global work revolution, you'll tackle complex challenges that impact millions of people's working lives. With our momentum—backed by a $17.3 billion valuation and $1 B in Annual Recurring Revenue (ARR) in just over five years—you'll drive meaningful impact while building expertise that makes you a sought-after leader in the transformation of global work. We are seeking an Information Security Engineer to serve as a technical leader in designing, implementing, and optimizing our core security platforms. This role is crucial for advancing our defense-in-depth capabilities, ensuring adherence to global regulatory frameworks, and protecting sensitive data within our remote-first, global environment. The ideal candidate will own the entire lifecycle of multiple security solutions, translating best practices and compliance requirements into actionable technical controls. Responsibilities: - Act as the Subject Matter Expert (SME) for Endpoint Detection and Response (EDR) tools/process including optimizing configurations/policies, developing custom threat detection rules, and proactively improving Deel’s overall security posture for remote endpoints (Mac and Windows) and cloud assets (Eg, VMs). - Configure, manage, and tune the full suite of security policies within SWG, CASB and ZTNA. Assist our remote colleague with seamless experience through troubleshooting end user issues as needed. - Continuously improve SaaS security posture with SSPM tools and processes around it. Collaborate with diverse application owners, understand security control and resolve configuration drifts for our wide range of SaaS applications from baseline. - Develop a rigorous review, approval, policy enforcement and auditing for browser extensions, third party OAuth applications for SaaS applications such as Google Workspace, GitHub, Jira etc to meet security and privacy standards. - Design, implement, and audit security policies related to enterprise browsers (Eg, Island, Chrome Enterprise etc) including controlling access to sensitive web apps, and data loss prevention (DLP) configuration, ZTNA, secure web browsing experience but not limited to. - Manage DLP policies across Endpoint, Network, SaaS Applications and Cloud assets, directly supporting the "Crawl-Walk-Run" program phases. Ensure DLP policies meet diverse data sovereignty, privacy (GDPR, CCPA, etc.), and national regulatory requirements. - Run vulnerability management programs for endpoints and servers and ensure they are patched according to the policy in collaboration with stakeholders. Job Requirements: - 5+ years of experience in cybersecurity - Handson experience with security tools like EDR, SWG, CASB, ZTNA and DLP - Familiarity with cybersecurity frameworks and best practices, such as MITRE, NIST, CIS, ISO27001, SOC and others. - Experience in collaborating with internal stakeholders to rollout enterprise security solutions. - Understanding and having the ability to utilize Cloud platforms such as AWS, GCP, Azure to host security tooling. Having experience in utilizing SIEM to query security telemetry is a plus. - Experience managing secure email gateway is a plus. - Excellent English in both verbal and written. Advantages CISSP is good to have Total Rewards Our workforce deserves fair and competitive pay that meets them where they are. With scalable benefits, rewards, and perks, our total rewards programs reflect our commitment to inclusivity and access for all. Some things you’ll enjoy - Stock grant opportunities dependent on your role, employment status and location - Additional perks and benefits based on your employment status and country - The flexibility of remote work, including optional WeWork access At Deel, we’re an equal-opportunity employer that values diversity and positively encourage applications from suitably qualified and eligible candidates regardless of race, religion, sex, national origin, gender, sexual orientation, age, marital status, veteran status, disability status, pregnancy or maternity or other applicable legally protected characteristics. Unless otherwise agreed, we will communicate with job applicants using Deel-specific emails, which include @deel.com and other acquired company emails like @payspace.com and @paygroup.com. You can view the most up-to-date job listings at Deel by visiting our careers page. Deel is an equal-opportunity employer and is committed to cultivating a diverse and inclusive workplace that reflects different abilities, backgrounds, beliefs, experiences, identities and perspectives. Deel will provide accommodations on request throughout the recruitment, selection and assessment process for applicants with disabilities. If you require accommodations, please inform our Talent Acquisition Team via this link and a team member will be in touch to ensure your equal participation. If you have difficulty accessing the form, please email at recruiting@deel.com. As part of our hiring process, we primarily rely on interviews and role-related assessments. In limited cases, we may also consider informal background information relevant to the role, in line with our privacy and fairness obligations. This application process does utilise Automated Employment Decision Tools (AEDT) and AI systems to assist in evaluating candidates based on experience level, technical skills and qualifications. As a fully remote company, we also utilise AI-powered deepfake and fraud detection technologies to verify the authenticity of candidate identities and interactions during assessments and interviews. This processing is conducted in compliance with applicable Data Protection, AI Governance and Labour Laws. We ensure human oversight is maintained in all final hiring decisions. Your personal data is not used to train AI models. For more information on how we process your personal data, please see our Privacy Policy. - For NYC Residents: In accordance with NYC Local Law 144, an independent bias audit has been conducted on AEDT; results are available at Ashby, Covey.

Who we are is what we do. Deel is the all-in-one payroll and HR platform for global teams. Our vision is to unlock global opportunity for every person, team, and business. Built for the way the world works today, Deel combines HRIS, payroll, compliance, benefits, performance, and equipment management into one seamless platform. With AI-powered tools and a fully owned payroll infrastructure, Deel supports every worker type in 150+ countries—helping businesses scale smarter, faster, and more compliantly. Among the largest globally distributed companies in the world, our team of 7,000 spans more than 100 countries, speaks 74 languages, and brings a connected and dynamic culture that drives continuous learning and innovation for our customers. Why should you be part of our success story? As the fastest-growing Software as a Service (SaaS) company in history, Deel is transforming how global talent connects with world-class companies – breaking down borders that have traditionally limited both hiring and career opportunities. We're not just building software; we're creating the infrastructure for the future of work, enabling a more diverse and inclusive global economy. In 2024 alone, we paid $11.2 billion to workers in nearly 100 currencies and provided healthcare and benefits to workers in 109 countries—ensuring people get paid and protected, no matter where they are. Our momentum is reflected in our achievements and customer satisfaction: CNBC Disruptor 50, Forbes Cloud 100, Deloitte Fast 500, and repeated recognition on Y Combinator’s top companies list – all while maintaining a 4.83 average rating from 15,000 reviews across G2, Trustpilot, Captera, Apple and Google. Your experience at Deel will be a career accelerator. At the forefront of the global work revolution, you'll tackle complex challenges that impact millions of people's working lives. With our momentum—backed by a $17.3 billion valuation and $1 B in Annual Recurring Revenue (ARR) in just over five years—you'll drive meaningful impact while building expertise that makes you a sought-after leader in the transformation of global work. We are seeking an Information Security Engineer to serve as a technical leader in designing, implementing, and optimizing our core security platforms. This role is crucial for advancing our defense-in-depth capabilities, ensuring adherence to global regulatory frameworks, and protecting sensitive data within our remote-first, global environment. The ideal candidate will own the entire lifecycle of multiple security solutions, translating best practices and compliance requirements into actionable technical controls. Responsibilities: - Act as the Subject Matter Expert (SME) for Endpoint Detection and Response (EDR) tools/process including optimizing configurations/policies, developing custom threat detection rules, and proactively improving Deel’s overall security posture for remote endpoints (Mac and Windows) and cloud assets (Eg, VMs). - Configure, manage, and tune the full suite of security policies within SWG, CASB and ZTNA. Assist our remote colleague with seamless experience through troubleshooting end user issues as needed. - Continuously improve SaaS security posture with SSPM tools and processes around it. Collaborate with diverse application owners, understand security control and resolve configuration drifts for our wide range of SaaS applications from baseline. - Develop a rigorous review, approval, policy enforcement and auditing for browser extensions, third party OAuth applications for SaaS applications such as Google Workspace, GitHub, Jira etc to meet security and privacy standards. - Design, implement, and audit security policies related to enterprise browsers (Eg, Island, Chrome Enterprise etc) including controlling access to sensitive web apps, and data loss prevention (DLP) configuration, ZTNA, secure web browsing experience but not limited to. - Manage DLP policies across Endpoint, Network, SaaS Applications and Cloud assets, directly supporting the "Crawl-Walk-Run" program phases. Ensure DLP policies meet diverse data sovereignty, privacy (GDPR, CCPA, etc.), and national regulatory requirements. - Run vulnerability management programs for endpoints and servers and ensure they are patched according to the policy in collaboration with stakeholders. Job Requirements: - 5+ years of experience in cybersecurity - Handson experience with security tools like EDR, SWG, CASB, ZTNA and DLP - Familiarity with cybersecurity frameworks and best practices, such as MITRE, NIST, CIS, ISO27001, SOC and others. - Experience in collaborating with internal stakeholders to rollout enterprise security solutions. - Understanding and having the ability to utilize Cloud platforms such as AWS, GCP, Azure to host security tooling. Having experience in utilizing SIEM to query security telemetry is a plus. - Experience managing secure email gateway is a plus. - Excellent English in both verbal and written. - CISSP is a plus Nous recherchons un Ingénieur en Sécurité de l'Information pour occuper un rôle de leader technique dans la conception, la mise en œuvre et l'optimisation de nos plateformes de sécurité principales. Ce poste est essentiel pour renforcer nos capacités de défense en profondeur, garantir la conformité aux réglementations mondiales et protéger les données sensibles dans notre environnement entièrement à distance et international. Le candidat idéal prendra en charge l'ensemble du cycle de vie de plusieurs solutions de sécurité, en traduisant les bonnes pratiques et les exigences de conformité en contrôles techniques concrets. Responsabilités: - Agir en tant qu'Expert en la Matière (SME) pour les outils et processus de Détection et Réponse (EDR), notamment en optimisant les configurations et politiques, en développant des règles de détection des menaces personnalisées, et en améliorant de manière proactive la posture de sécurité globale de Deel pour les utilisateurs distants (Mac et Windows) et les ressources cloud (ex. : machines virtuelles). - Configurer, gérer et affiner l'ensemble des politiques de sécurité au sein des solutions SWG, CASB et ZTNA. Accompagner nos collaborateurs à distance en résolvant les problèmes des utilisateurs finaux pour assurer une expérience fluide. - Améliorer en continu la posture de sécurité SaaS grâce aux outils SSPM et aux processus associés. Collaborer avec les différents propriétaires d'applications, comprendre les contrôles de sécurité et résoudre les dérives de configuration par rapport aux référentiels de nos applications SaaS. - Mettre en place un processus rigoureux de révision, d'approbation, d'application des politiques et d'audit pour les extensions de navigateur et les applications OAuth tierces des applications SaaS telles que Google Workspace, GitHub, Jira, etc., afin de répondre aux exigences de sécurité et de confidentialité. - Concevoir, mettre en œuvre et auditer les politiques de sécurité relatives aux navigateurs d'entreprise (ex. : Island, Chrome Enterprise, etc.), notamment le contrôle de l'accès aux applications web sensibles, la configuration de la prévention des pertes de données (DLP), le ZTNA et une expérience de navigation web sécurisée, entre autres. - Gérer les politiques DLP sur les endpoints, le réseau, les applications SaaS et les ressources cloud, en soutenant directement les phases du programme « Crawl-Walk-Run ». Veiller à ce que les politiques DLP répondent aux exigences variées en matière de souveraineté des données, de confidentialité (RGPD, CCPA, etc.) et de réglementations nationales. - Piloter les programmes de gestion des vulnérabilités pour les endpoints et les serveurs, et s'assurer qu'ils sont corrigés conformément à la politique définie, en collaboration avec les parties prenantes. Profil recherché - 5 ans d'expérience ou plus en cybersécurité - Expérience pratique des outils de sécurité tels que EDR, SWG, CASB, ZTNA et DLP - Maîtrise des référentiels et bonnes pratiques en cybersécurité (MITRE, NIST, CIS, ISO 27001, SOC, etc.) - Expérience dans la collaboration avec des parties prenantes internes pour le déploiement de solutions de sécurité en entreprise - Compréhension des plateformes cloud (AWS, GCP, Azure) et capacité à les utiliser pour héberger des outils de sécurité. Une expérience avec un SIEM pour l'analyse de la télémétrie de sécurité est un atout. - Une expérience dans la gestion d'une passerelle e-mail sécurisée est un atout - Excellent niveau d'anglais, à l'oral comme à l'écrit Atout - La certification CISSP est appréciée Total Rewards Our workforce deserves fair and competitive pay that meets them where they are. With scalable benefits, rewards, and perks, our total rewards programs reflect our commitment to inclusivity and access for all. Some things you’ll enjoy - Stock grant opportunities dependent on your role, employment status and location - Additional perks and benefits based on your employment status and country - The flexibility of remote work, including optional WeWork access At Deel, we’re an equal-opportunity employer that values diversity and positively encourage applications from suitably qualified and eligible candidates regardless of race, religion, sex, national origin, gender, sexual orientation, age, marital status, veteran status, disability status, pregnancy or maternity or other applicable legally protected characteristics. Unless otherwise agreed, we will communicate with job applicants using Deel-specific emails, which include @deel.com and other acquired company emails like @payspace.com and @paygroup.com. You can view the most up-to-date job listings at Deel by visiting our careers page. Deel is an equal-opportunity employer and is committed to cultivating a diverse and inclusive workplace that reflects different abilities, backgrounds, beliefs, experiences, identities and perspectives. Deel will provide accommodations on request throughout the recruitment, selection and assessment process for applicants with disabilities. If you require accommodations, please inform our Talent Acquisition Team via this link and a team member will be in touch to ensure your equal participation. If you have difficulty accessing the form, please email at recruiting@deel.com. As part of our hiring process, we primarily rely on interviews and role-related assessments. In limited cases, we may also consider informal background information relevant to the role, in line with our privacy and fairness obligations. This application process does utilise Automated Employment Decision Tools (AEDT) and AI systems to assist in evaluating candidates based on experience level, technical skills and qualifications. As a fully remote company, we also utilise AI-powered deepfake and fraud detection technologies to verify the authenticity of candidate identities and interactions during assessments and interviews. This processing is conducted in compliance with applicable Data Protection, AI Governance and Labour Laws. We ensure human oversight is maintained in all final hiring decisions. Your personal data is not used to train AI models. For more information on how we process your personal data, please see our Privacy Policy. - For NYC Residents: In accordance with NYC Local Law 144, an independent bias audit has been conducted on AEDT; results are available at Ashby, Covey.

• Design, implement, and operate cloud and infrastructure security controls across Azure-first environments, with supporting coverage in AWS. • Implement and maintain security monitoring, detection, and response capabilities, leveraging SIEM, cloud-native tooling, and endpoint/network telemetry. • Participate in security incident response activities, including investigation, containment, remediation, and post-incident analysis. • Collaborate with engineering and platform teams to securely design and deploy SaaS and on-prem solutions, including infrastructure hardening and secure configuration. • Develop, tune, and maintain security alerts and detections to improve signal quality and reduce noise. • Support vulnerability management activities, including infrastructure scanning, risk triage, remediation tracking, and validation. • Partner with compliance and GRC functions to support SOC 1, SOC 2, ISO 27001, 27017, and 27018 requirements through effective technical controls and evidence generation. • Implement and operate identity, access, and secrets management controls for cloud and infrastructure environments. • Help define and continuously improve security runbooks, operational procedures, and response playbooks. • Evaluate, implement, and support security tooling related to cloud security posture management, logging, endpoint protection, and threat detection. • Stay current on emerging threats, attacker techniques, and cloud security trends, applying this knowledge to improve defenses. • Provide mentorship and technical guidance to less-experienced security engineers as appropriate, without direct people-management responsibility.

• Develops and aligns system security architectures with organizational cybersecurity guidelines, including defining security boundaries, documenting system categorization, and analyzing user needs and requirements. • Develops focused guidance for specific security mechanisms such as encryption for data at rest. • Assesses and evaluates security postures, reviews candidate architectures, identifies protection needs, and determines how new systems or interfaces impact enterprise security. • Identifies and documents security and privacy requirements, including types of personal information, stakeholder interests, and data that require protection, ensuring proper allocation at both system and organizational levels. • Supports acquisition and procurement efforts by providing input on security requirements for statements of work, project costs, and translating proposed capabilities into technical specifications. • Contributes to risk management and compliance, performing architecture reviews, identifies security gaps, supports RMF activities, and maintains documentation throughout the acquisition lifecycle. • Provides high-quality technical, engineering, analytical, and planning support to meet the organization's requirements. • Performs architectural review and analysis, developing strategic enterprise solutions that address the evolving business requirements and changing cybersecurity threat landscape. • Develops and delivers reports (e.g., reference architectures, white papers, roadmaps, architecture risk analysis) to facilitate the following, including but not limited to: Define and develop security architecture and engineering standards. Develop business use cases and design patterns to articulate the organization's goals and objectives. Document the current “as-is” through a holistic review of the agency enterprise. Develop an envisioned target “to-be” based on the agency's needs and threat models. Assess the gaps between “as-is” and “to-be”, and provide roadmaps to close gaps. Develop baselines and reference architectures consistent with standard frameworks. Perform Architect Risk Analysis (ARA) through systematic and comprehensive reviews. Identify, integrate, mature, and communicate key concepts that define continued direct interaction with the agency’s technical and operational leadership. Identify, frame, and support the resolution of critical issues impacting the organization. Update artifacts periodically to meet regulatory, audit, and compliance requirements.