Data Security Engineer

Job Overview

Job Description

About Us:

Our client is pioneering a new approach to men's mental health. Our innovative app provides a safe, accessible, and destigmatised space for men to engage with mental wellness. We combine evidence-based practices, personalised insights, and a supportive community to empower users on their journey. Data is at the core of delivering these personalised experiences, and the trust and privacy of our users are paramount.

The Opportunity:

We are seeking a highly skilled and ethically driven Data Security Engineer to fortify the defences around our sensitive user data. In this critical role, you will be the guardian of our data ecosystem, designing, implementing, and maintaining robust security measures across all stages of our data lifecycle. Given the deeply personal nature of mental health information, your expertise will directly ensure the privacy, integrity, and availability of data for thousands of users, fostering the trust essential for our mission.

If you are passionate about cybersecurity, thrive on complex challenges, and are driven by the opportunity to protect sensitive information for a meaningful cause, we encourage you to apply.

What You'll Do:

Architect & Implement: Design, build, and implement secure data architectures, controls, and practices across our cloud environment (AWS, Azure, or GCP) and internal systems.

Threat Detection & Prevention: Develop and maintain systems for identifying, monitoring, and mitigating data security threats, vulnerabilities, and risks.

Access Control: Engineer and manage robust access control mechanisms (IAM) for all data stores, ensuring least privilege access for both human and system accounts.

Encryption & Key Management: Implement and manage data encryption strategies at rest and in transit, including robust key management solutions.

Compliance & Audit: Ensure all data handling and security practices are compliant with relevant regulations (e.g., HIPAA, GDPR, CCPA) and conduct regular security audits and assessments.

Data Loss Prevention (DLP): Design and deploy DLP strategies to prevent unauthorized access, use, or transfer of sensitive information.

Incident Response: Collaborate with incident response teams, providing expertise on data breaches and post-incident analysis related to data security.