Senior Security & Compliance Engineer
Listed on 2026-07-18
-
IT/Tech
Cybersecurity
Who we are
Upstream is a global leader in mobile marketing automation and digital service innovation, enabling Mobile Network Operators (MNOs) and brands to grow revenue, improve customer engagement and succeed in the digital economy. With over two decades of experience and operations spanning 45+ markets across Africa, Latin America, Asia, Europe, and the Middle East, we are a trusted partner to more than 60 MNOs worldwide.
Headquartered in Athens, Greece, and with regional hubs in London, Dubai, Johannesburg, Lagos, São Paulo and Rio de Janeiro, Upstream combines global expertise with deep local insight. Our end-to-end approach encompasses strategy, creative development, technical deployment, campaign execution, and ongoing optimization, ensuring seamless, scalable, and performance-driven service delivery.
Our focus centers on bringing domain-specific security knowledge, skills, and best practices to our talented network and engineering teams. We are seeking a Sr. Security & Compliance Engineer to provide added value services, helping ensure our business remains highly available, flexible, and robust. An ideal candidate would be a passionate engineer who is dedicated to pursuing complicated technical security problems and coming up with robust engineering solutions.
This role requires someone who can exhibit a technical lead role for projects and technologies, who acts as a crucial point of reference within the company, and thrives in challenging, production-facing environments.
- Monitor and respond to security events, managing escalation and acting as a liaison during security incidents.
- Serve as a dedicated security analyst for critical projects.
- Lead the vulnerability management lifecycle, overseeing installation and patching efforts.
- Conduct specialized security work, including security audits, Penetration Testing (e.g., CHECK, CREST, CEH, TIGER), evidence collection, and forensics analysis.
- Drive and own technical tasks, pursuing their completion within time and technological constraints.
- Contribute to end-user security education and awareness.
- Maintain and update compliance posture, ensuring security policies and standards remain current and effective.
- Serve as a primary technical resource for security-related client discussions, articulating technical concepts to various types of audiences.
- Provide essential security content and review for commercial engagements, including RFPs, bids, and client assurances.
- Networking & Infrastructure: Excellent knowledge of TCP/IP and comprehensive understanding of the core Linux network stack.
- Security Testing Methodologies: Expert proficiency in essential security disciplines including Network Traffic and Protocol Analysis, comprehensive Vulnerability Assessment and Scanning methodologies, network service enumeration, and hands‑on Web Application Penetration Testing techniques.
- System and Infrastructure Hardening: Proven, hands‑on experience in developing, implementing, and auditing standardized security baselines, robust configuration management controls, and effective patch management strategies across diverse operating system and application platforms, including critical data services.
- Security Control Systems: Deep knowledge and hands‑on experience with SIEM solutions and Vulnerability Management platforms.
- Experience implementing and managing IPS Systems (Cisco, Checkpoint) and Firewalls (Cisco, Checkpoint).
- Proficiency with DLP and Endpoint Protection solutions, including Application Control and Device Control.
- Experience with Web Application Firewalls (WAF).
- Familiarity with products for IDAM (Identity and Access Management).
- Data Protection: Experienced in data encryption technologies and products.
- Development: High-quality Python/shell development experience is considered a plus.
- Knowledge of Cloud and Mobile Security Architecture: Experience with cloud and mobile security principles and practices.
- Experience in datacenter protection strategies.
- Security Governance: Demonstrable knowledge of common security standards and compliance frameworks (e.g., ISO 27001, NIST Cybersecurity Framework, SOC
2) and practical…
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search: