Security Compliance Analyst

Full Time
Barcelona, Spain
3 days ago

If you're here, it's because you're looking for an exciting ride.

A ride that will fuel up your ambitions to take on a new challenge and stretch yourself beyond your comfort zone. 

We'll deliver a non-vanilla culture built on talent, where we work to amplify the impact on millions of people, paving the way forward together.

Not your usual app. We are the fastest-growing multi-category app connecting millions of users with businesses, and couriers, offering on-demand services from more than 170,000 local restaurants, grocers and supermarkets, and high street retail stores. We operate in more than 1500 cities across 23 countries. 

Together we revolutionise the way people connect with their everyday needs, from delivering essentials to connecting our ecosystem of users through innovative solutions powered by technology. For us, every day is filled with purpose.

What makes our ride unique? 

๐Ÿค Our culture and strong values. 

๐Ÿ’ช Our career development philosophy. 

๐Ÿค Our commitment to being a force for good. 

We have a vision: Building the largest marketplace in your city, to give access to anything in minutes. And this is where your ride starts.

YOUR MISSION

Glovo is currently seeking a Security Engineer for the Security GRC team with a focus on Compliance to strengthen our organization's security posture and ensure adherence to a rapidly evolving regulatory landscape. In this role, you will be pivotal in managing traditional security frameworks like PCI and ISO. The ideal candidate has a strong background in cybersecurity, a keen interest in AI security governance, and the ability to translate complex legal requirements into practical, actionable security controls.

THE JOURNEY

  • Develop, implement, and maintain security policies and procedures in line with relevant compliance frameworks (e.g., ISO 27001, NIST, SOC 2, GDPR, NIS2).
  • Build and maintain the control matrix in alignment with multiple compliance frameworks and standards, ensuring a clear mapping of controls to requirements. 
  • Implement processes and tools for continuous monitoring of security controls and compliance metrics to ensure ongoing adherence to policies.
  • Lead the end-to-end security certification and re-certification process (such as PCI DSS, ISO 27001, NIS2, among others).
  • Conduct internal assessments to identify gaps, weaknesses, or non-compliance issues within our security controls. Support external audits by preparing documentation and coordinating with auditors.
  • Create and maintain comprehensive documentation for all compliance-related activities, including audit findings, risk assessments, and remediation efforts. Prepare regular reports for management on the status of our security posture.
  • Coordinate and respond to customer security inquiries and due diligence questionnaires (e.g., SIG, CAIQ). Review and provide input on contract modifications related to security, data protection, and privacy.
  • Serve as a key liaison between technical teams, legal, internal audit, and business units to ensure a unified approach to security and compliance.
  • Assist in developing and delivering security awareness programs to educate employees on best practices and compliance requirements.

Assist in assessing security risks, recommending and implementing mitigation strategies, maintaining a risk register and monitoring the status of remediation plans.

WHAT YOU WILL BRING TO THE RIDE

  • BA/BS in Computer Science, Information Systems, or similar field.
  • Professional security certifications (CISSP, CISM, CISA, ISO 27001 Lead Implementer or equivalent).
  • Minimum 5 years of experience in the field or in a related area.
  • Solid understanding and previous experience of security control frameworks (NIST, PCI DSS, GDPR, ISO 27001, NIS2).
  • Hands-on experience with GRC platforms (e.g. RSA Archer, SAP GRC, StandardFusion, ServiceNow, OneTrust, etc.).
  • Strong ability to manage and report on multiple projects, prioritizing efforts, managing time effectively, and requiring minimal direction in the execution.
  • Proven problem solving, analytical and investigative skills combined with the ability to develop creative solutions and navigate through ambiguity in a fast-paced, agile environment.
  • Proven team player, collaborating well with others to tackle problems in a team-focused dynamic.
  • Excellent written and communication skills, as well as strong interpersonal and relationship-building skills.
  • Experience with compliance in cloud environments (AWS, Azure, GCP) and knowledge of frameworks like the Cloud Controls Matrix (CCM).

Nice to have: 

  • Development skills to automate integrations or processes (e.g. Python).
  • Experience with developing, documenting, and testing Business Continuity Plans (BCP) and Disaster Recovery (DR) plans.
  • Working knowledge of the EU AI Act, including its risk-based approach and requirements for high-risk and general-purpose AI models. Familiarity with AI security threats and relevant frameworks (NIST AI RMF, MITRE ATLAS).

Individuals representing diverse profiles and abilities, encompassing various genders, ethnicities, and backgrounds, are less likely to apply for this role if they do not possess solid experience in 100% of these areas. Even if it seems you don't meet our musts, don't let it stop you; we are all about finding the best talent out there! Skills can be learned, and embracing diversity is invaluable.

We believe driven talent deserves:

  • An enticing equity plan that lets you own a piece of the action.
  • Top-notch private health insurance to keep you at your peak.
  • Monthly Glovo credit to satisfy your cravings!
  • Discounts on transportation, food, and even kindergarten expenses.
  • Discounted gym memberships to keep you energized.
  • Extra time off, the freedom to work from home two days a week, and the opportunity to work from anywhere for up to three weeks a year!
  • Enhanced parental leave, and office-based nursery.
  • Online therapy and wellbeing benefits to ensure your mental well-being.

Here at Glovo, we thrive on diversity, we believe it enhances our teams, products, and culture. We know that the best ideas come from a mashup of brilliant diverse minds. This is why we are committed to providing equal opportunities to talent from all backgrounds - all genders, racial/diverse backgrounds, abilities, ages, sexual orientations and all other unique characteristics that make you YOU. We will encourage you to bring your authentic self to work, fostering an inclusive environment where everyone feels heard. 

Feel free to note your pronouns in your application (e.g., she/her/hers, he/him/his, they/them/theirs, etc.).

So, ready to take the wheel and make this the ride of your life? 

Delve into our culture by taking a peek at our Instagram and checking out our LinkedIn and website!