Own and drive the IT and Security roadmap, aligning it with Trufla's business objectives
Lead, mentor, and grow the IT & Security team across Cairo and Canada offices
Act as the primary point of escalation for all IT and security-related matters
Report on IT and security program health, KPIs, and risk posture to senior leadership
Manage vendor relationships, contracts, and procurement for IT and security tooling
SOC 2 Compliance
Lead the end-to-end implementation of SOC 2 (Type I and Type II) compliance across the organization
Conduct gap assessments against the SOC 2 Trust Services Criteria (Security, Availability, Confidentiality, Processing Integrity, and Privacy)
Develop, document, and enforce the policies, procedures, and controls required to meet SOC 2 requirements
Coordinate with external auditors and manage the audit process through to successful certification
Maintain and continuously improve SOC 2 compliance posture post-certification, ensuring controls remain effective and audit-ready year over year
Train and align internal stakeholders on their responsibilities within the SOC 2 control framework
Security
Demonstrate a thorough understanding of business processes, risk management, IT controls, and related standards
Identify and evaluate business and technology risks; design and implement appropriate controls, technologies, and processes to mitigate them
Conduct and oversee capability assessments, developing pragmatic remediation strategies and good practice recommendations
Lead the review of security-related events, assessing risk and validity, and producing clear executive reporting
Conduct research to maintain and expand knowledge of the latest security technologies, standards, and the evolving threat and vulnerability landscape
Work with security vendors to evaluate solution offerings and advise on appropriate technologies
Conduct and oversee penetration testing activities
Develop and deliver security awareness training programs across the organization
IT Support & Operations
Oversee the analysis, diagnosis, and resolution of complex workstation and infrastructure problems for end users in Cairo and remotely for other offices
Ensure the installation, configuration, testing, maintenance, monitoring, and troubleshooting of end-user workstations, hardware, software, and telephony equipment
Manage and improve incident ticketing processes, ensuring timely response and resolution
Oversee move, add, and change (MAC) requests as submitted by line managers
Maintain and uphold procedures for logging, reporting, and statistically monitoring workstation operations
Liaise with third-party support vendors and software/hardware providers as needed
Participate in an on-call rotation for after-hours and weekend critical support
Job Qualifications
College diploma or university degree in Computer Science, Information Security, or a related field, or equivalent professional certification
7+ years of experience in a Network, IT, or Security role
3+ years of experience leading an IT or Security team
Demonstrated hands-on experience implementing or managing SOC 2 compliance (Type I and/or Type II)
Strong knowledge of security frameworks and standards (SOC 2, ISO 27001, NIST, CIS Controls)
Sound technical knowledge of PC hardware, networking, mobile devices, and related technologies
Working knowledge of current operating systems, protocols, and infrastructure standards
Experience conducting penetration testing
Able to read and understand technical manuals, procedural documentation, and OEM guides
Experience working in a team-oriented, collaborative environment across multiple time zones