About the role
Richmond Hill, ON
Who We Are
Embross delivers market-leading passenger automation and self-service technologies to the global travel market. That last flight you jumped on, there is a good chance an Embross hardware or software solution helped facilitate part of your airport experience. The world’s leading airlines and airports use Embross’ range of service technologies to help make the passenger travel experience faster, simpler, and less stressful. For our partners, that translates to offering more flights, more often with more (happy) passengers on board.
So, what’s great about what we do? We get to think creatively across a diverse solution stack of hardware and software to solve service and operations challenges for the world’s
What You’ll Do
We pride ourselves on staying ahead of the curve as we help our customers optimize and improve their service delivery models. We’re excited to be entering a new transformative phase of our stack as we explore new products and new capabilities and embrace the growing data-driven demands of these environments.
As the Security Risk and Compliance Lead, you will be responsible for driving the maturity of our cybersecurity program, ensuring regulatory alignment, and enabling the business to meet customer expectations with confidence and speed. You’ll work across teams to implement controls, respond to risks, and streamline compliance efforts.
In this role, you will:
Strategic & Customer-Facing Responsibilities
- Lead Security Posture for RFPs and Customer Engagements: Own the security and compliance sections of RFPs, questionnaires, and due diligence requests. Ensure our posture meets or exceeds customer expectations and streamline responses for faster turnaround.
- Ensure Regulatory and Contractual Compliance: Maintain alignment with GDPR, ISO27001, and other applicable standards. Track obligations and proactively address gaps.
- Develop and Maintain Cybersecurity Policies: Create and update documentation to reflect current practices and regulatory requirements. Ensure policies are accessible, actionable, and auditable.
Program Execution & Governance
- Drive Cybersecurity Initiatives and Project Execution: Lead planning, tracking, and delivery of security-related projects across infrastructure, engineering, and business teams.
- Manage Vulnerability Remediation Efforts: Coordinate with stakeholders to prioritize and resolve findings from scans, assessments, and penetration tests.
- Support Disaster Recovery and Incident Response Planning: Help develop, test, and maintain business continuity and incident response plans.
Operational & Technical Oversight
- Monitor and Respond to Security Alerts: Triage inbound alerts from SIEM, endpoint protection, and cloud platforms. Escalate and coordinate response as needed.
- Introduce Security into Development Workflows: Collaborate with engineering teams to embed secure coding practices and DevSecOps principles.
- Support SBOM Creation and Compliance: Assist in building and maintaining Software Bills of Materials to meet regulatory and customer requirements.
Culture & Awareness
- Lead Security Roundtables and Awareness Efforts: Facilitate discussions, training, and campaigns to promote best practices and a security-first mindset across departments.
Who You Are
- You have a post-secondary degree in cybersecurity or a related field, or equivalent real-world experience in security operations and compliance.
- 3+ years of hands-on experience in SOC operations, policy creation, and security program execution.
- Familiarity with alert management platforms, SIEM tools, and vulnerability scanning solutions.
- Solid understanding of secure software development practices and DevSecOps principles.
- Working knowledge of GDPR, ISO27001, and other relevant compliance frameworks.
- Strong analytical and communication skills, with the ability to translate technical risks into business impact.
- Proven ability to deliver exceptional customer service, including clear communication, effective problem-solving, and professionalism when engaging with internal and external stakeholders.
- Self-motivated, organized, and capable of working independently with minimal supervision.
- Excellent written and verbal communication skills in English.
Bonus If You Also Have
- Industry-recognized certifications such as CISSP, CISM, or CompTIA Security+.
- Experience with SBOM tools and familiarity with secure coding standards (e.g., OWASP, NIST SSDF).
- Exposure to penetration testing and threat modeling, including coordination with external assessors or internal red teams.
- Hands-on experience with Microsoft Defender, Microsoft Sentinel, Nessus, Jira, and compliance management platforms such as Microsoft Compliance Manager, Drata, or Vanta.
- Familiarity with automating compliance workflows, tracking evidence, and responding to audits or customer assessments efficiently.
Travel
You will be working from the Richmond Hill office. However, you will be expected to travel to each company site at least once annually to support cross-functional collaboration, participate in planning sessions, and maintain strong relationships with stakeholders.
What We Offer
- World-class product engineering and development - You will join a team of leaders who are dedicated to creating innovative and impactful solutions for our clients and their customers.
- Career growth and development - As a build-from-within company, we are committed to offering you a competitive salary package with responsibilities and projects designed to build mastery and leadership throughout the course of your career.
- Dynamic and respectful work environment - Working alongside some of the brightest minds, you will collaborate on impactful work within a supportive environment - one where company values are always embraced and expressed, and diversity is a business imperative.
To support our talented workforce, apart from the base salary, we also offer:
- Employer-paid health, wellness, and lifestyle benefits to balance your heart, mind, and body, including Health, Dental, Vision, and Life Insurance.
- STD and LTD Benefits.
- A minimum of 3% of your base salary towards GRSP as an employer contribution.
- Opportunity to participate in the Performance-based Profit-Sharing Program and earn up to an additional 15% of your Base Salary.
- Flexible working environment.
- Frequent social events – BBQ, Bowling, Picnics, Food drives, parties, and a lot more.
Embross values diversity and people of all backgrounds and abilities. Should you require any accommodations prior to or during the interview process, please email careers@embross.com
About Embross
Embross is a dynamic technology company developing self service hardware and software solutions for the world's leading airports and airlines.
Boasting one of the most experienced passenger self service solution teams, Embross helps its travel and service partners achieve greater service capability, efficiency and experience by leveraging self service and automation technology.
Founded in Australia, Embross continues to grow its global footprint and now houses its primary production operation in Toronto, Canada. In 2015, Embross acquired the IBM, Travel & Transportation, Kiosk division, expanding its operational capability into North America and adding a new wealth of knowledge and over 20 years of legacy expertise.
Today, Embross solutions can be found in most corners of the globe as we continue to achieve a range of milestones, including:
- 23,000+ kiosks deployed worldwide
- 150+ Airline Check In Applications (on Embross Kiosks)
- 40+ Airline Customers
- 17,000+ devices monitored on Embross Kiosk Manager
Embross' core solution base includes:
- KIOSK: CUSS Common Use, Self Service Check In, Automated Passport Control, Ticketing, Biometric Enrollment and Validation, Information, Wayfinding, Custom kiosk projects
- SELF BAG DROP: Automated self bag drop, Retrofit self bag drop and Hybrid solutions
- BIOMETRICS: Facial Recognition, Iris Recognition, Fingerprint reading
- SOFTWARE: Check In Applications, Bag Drop Applications, Passport Control Applications, Biometric enrollment and validation, DCS integration, Custom Software Projects