Powering the Future of Learning.
Security & Compliance Lead
Location
India
Posted
2 days ago
Salary
0
Seniority
Senior
Job Description
Security & Compliance Lead
Playpower Labs
• Own security and compliance across product, engineering, cloud, vendors, and internal systems. • Build practical security controls around auth, access, secrets, data privacy, infrastructure, and deployments. • Create safe usage guidelines for AI tools, agents, MCP servers, tool calling, and automation workflows. • Run vulnerability management, security reviews, risk assessments, and incident response planning. • Drive compliance readiness for frameworks like SOC 2, ISO 27001, GDPR, or similar. • Help teams handle sensitive data properly, especially when using AI tools and third-party platforms. • Train the team on secure development, AI safety, privacy basics, and common attack patterns. • Bring a startup mindset: fast decisions, clear ownership, practical fixes, and no security theater.
Job Requirements
- Strong experience in security, compliance, risk, or application/cloud security.
- Good understanding of OWASP, cloud security, IAM, secrets management, vulnerability scanning, CI/CD security, and incident response.
- Familiarity with compliance frameworks like SOC 2, ISO 27001, GDPR, HIPAA, or similar.
- AI-native mindset: you understand the risks around AI tools, agents, MCPs, data leakage, permissions, and prompt/tool misuse.
- Product-minded, practical, calm under pressure, and allergic to pointless bureaucracy.
Benefits
- Remote work
- Real ownership
- Space to build the security function properly
- Small team that wants security to be sharp, practical, and built into how we ship.
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Role Description inventYOU is looking for Cybersecurity Trainings & Exercises Experts to support the preparation, customisation and delivery of cybersecurity exercises and training activities. The role focuses on: - Cybersecurity trainings - Tabletop exercises - Operational and technical exercises - Awareness activities - Training material preparation - Exercise assessment Key Responsibilities: - Support the preparation and delivery of cybersecurity exercises. - Contribute to tabletop, operational, technical and awareness-raising exercises. - Develop, customise and localise training and exercise material. - Support the use of exercise platforms, systems or digital collaboration tools. - Deliver cybersecurity training sessions for technical and non-technical audiences. - Prepare presentations, case studies, exercises, assessment templates and supporting documentation. - Assess the impact of trainings and exercises through feedback, quizzes or evaluation mechanisms. - Prepare reports, lessons learned and recommendations for improvement. Qualifications - Bachelor’s degree in Computer Science, Computer Engineering or equivalent. - Intermediate level: at least 3 years of relevant professional experience. - Senior level: at least 6 years of relevant professional experience. - Experience in cybersecurity training and/or cybersecurity exercises. - Experience in tabletop, operational, technical or awareness-raising exercises. - Experience in developing, customising or localising cybersecurity training/exercise material. - Ability to prepare scenarios, injects, presentations, case studies, assessment templates or supporting documentation. - Familiarity with exercise platforms, training systems or digital collaboration tools. - Strong communication, presentation and facilitation skills. - Ability to assess training/exercise impact through feedback, quizzes or evaluation mechanisms. - Very good command of English: B2 for Intermediate level, C1 for Senior level. Benefits - Join a people-focused technology company with an international mindset. - Work on challenging projects for European clients and organisations. - Be part of a collaborative and supportive team environment. - Gain exposure to cybersecurity, technology and digital transformation projects. - Develop your skills through hands-on experience and continuous learning. - Work with experienced professionals across different business and technology domains.
Senior API Security Product Manager
Akamai TechnologiesAt Akamai, we make life better for billions of people, billions of times a day. Every moment, billions of people, all over the world, are using the internet to shop, play games, look after finances, learn remotely, share videos, connect across the world, and so much more. These life-shaping digital experiences wouldn’t be possible without Akamai. We power and protect life online. It’s an extraordinary mission, and our global teams achieve it by solving the toughest challenges, and turning the impossible into the possible. With the world’s most distributed compute platform — from cloud to edge — we make it easy for businesses to develop and run applications, while we keep experiences closer to users and threats farther away. That’s why innovative companies worldwide choose Akamai to build, deliver, and secure their digital experiences. Thanks to our world’s most distributed platform for cloud computing, security, and content delivery. Akamai keeps applications and experiences closer and threats farther away. Devoted, determined problem-solvers who share a passion for technology, we’re always pushing ground-breaking ideas and driving innovation. Do you want to power and protect life online, by solving the toughest challenges with us? Be part of an amazing team!
• Shipping product strategy and roadmap and aligning it with stakeholders, the company vision, and market trends. • Working directly with customers and the field to understand problems, personas, and gather feedback. • Collaborating with engineering to define and deliver new features. • Working with the product marketing team to develop effective business and market communications.
• Review and enrich playbooks and see opportunities for automation efficiencies in our Security detection and response capabilities. • Liaising with the Engineering teams on incident response, vulnerability management and remediation actions • Responsible for providing technical expertise in the support of security incidents using a plethora of leading security tools, coupled with continuous learning and training • Working with AWS & GCP Cloud-native security tooling such as GuardDuty, Security Hub, GCP Security Command Center to ensure a level of protection & monitoring of threats in Auctane Public Cloud environments. • Following up on regular security reviews, vulnerability, risk assessments and audits utilising our CSMP tool Wiz and Endpoint vulnerability tool Crowdstrike. • Building relationships with all staff to promote “Security by Design” throughout the Engineering Teams and wider business. • Being part of the internal Infosec / cyber security incident process - investigate suspected attacks and help manage security incidents, including providing post-mortem analysis, identify causes, develop solutions and preventive measures • Responding swiftly to new and emerging security threats and vulnerabilities, investigate suspected attacks and be an integral part of the Information security incident process • Learning and training, to enhance knowledge of Security Orchestration and Automation.
Role Description The focus of this role is to bolster Auctane's global engineering and operations within the Information Security Group. This position reports directly to the CISO and entails the leadership of several security programs within the engineering and operations teams. The successful candidate will be instrumental in defining and developing the technology and processes governing cybersecurity practices to secure Auctane's global infrastructure. The role will specifically concentrate on securing the Enterprise and Cloud Infrastructures, alongside managing security operations responsibilities. This critical role requires a successful candidate to be a key contributor in establishing and evolving the technology and processes that define Auctane's global cybersecurity practices. The primary focus of this position is to secure the Enterprise and Cloud Infrastructures while also managing core security operations. The Infosec group operates as part of the broader R&D Tech function, which utilizes modern architectural patterns and technologies, including AI, at scale and pace. This is a full remote role based in Spain with a 10% international travel requirement. About the team - Flat and open engineering culture where diverse opinions and perspectives are valued. - Decisions driven by data and evidence, superseding opinion and hierarchy. - Honest and frank discussions are encouraged. - Formation of autonomous, cross-functional teams empowered to deliver our ambitious strategy. What will you be doing? - Design, implementation, and maintenance of organizational security systems and solutions. - Development of controls on security systems, via automation and feature development to support vulnerabilities and incident detection. - Performing threat and risk assessments to prioritize remediations and follow through closure. - Develop and operate standard Incident Response and Risk Management playbooks and adapt during incidents. - Learn and adapt new technologies and processes based on vendor training and market research. Qualifications - Bachelor's degree or equivalent working experience in the tech field. - At least 3-4 years of experience in the Cybersecurity field. - Advanced level experience in one or two security domains within the Enterprise and Cloud Infrastructures. - Strong problem-solving and research skillset to hypothesize, test, and learn during troubleshooting process. - Curiosity and desire to learn new technologies, and quickly adapt. - Ability to write clear technical documentation and effectively explain security issues to both technical and non-technical audiences. What will make you stand out? - Direct experience in cybersecurity domains and projects related to engineering and operations. - Foundational security certifications such as CompTIA Security+, Network+, or AWS Security certifications are highly preferred. The tech stack - AWS, GCP, SaaS, and Enterprise. - Artificial Intelligence Solutions (Gemini, Claude, internal). - CNAPP, DSPM, and Cloud Security Solutions. - Application Security Technologies (DAST, SAST, SCA, ASM). - Email Security Technologies. - SIEM Solutions and Detection Technologies. - Google Workspace. - Vulnerability Management Solutions. - Application Security. - Python, PowerShell, Bash. Benefits - Clear and transparent compensation plan. - Flexible salary benefits. - Private health insurance free for all employees via Cigna, plus we cover 50% for your family members. - Generous time off: 26 days of holiday per year (23 base days + your birthday off, Christmas Eve, and New Year’s Eve). - Your gear, your choice: Mac or Windows, or need an extra screen. - Annual Salary Review to reflect your individual development, achievements, and impact. - Grow your skills with up to €2,000/year in training (certifications, conferences, workshops). - Access to internal and external training, including platforms like LinkedIn Learning, completely free. - Holistic wellness program including access to Wellhub, Curalinc (psychological support), and regular health webinars & challenges. - Volunteer day: Take two days off a year to volunteer. - Free therapy vouchers. - Health & wellness support: Up to €55/month for gym or fitness classes. - Weekly language classes in small groups with expert instructors. - Time for health: 8 hours per year for personal medical appointments and 10 hours per year for family’s medical needs. - Work-life balance: Flexible and people-first approach. - Inclusive, upbeat culture where diversity is celebrated. - A global, multicultural team with 20+ nationalities. - Packlink Pro discount: 99% off personal shipments. - Referral bonuses for candidates referred. - Central Madrid office with free snacks and drinks. - Regular team-building activities and meetups.


