ABOUT URBOX
UrBox is Vietnam’s leading digital gifting & loyalty platform that enables businesses to integrate their reward & loyalty programs with an ever-growing network of more than 350 brands & 20,000 accepted online and offline stores in Vietnam.
UrBox has the widest network of loyalty clients in Vietnam and provides loyalty & reward solutions to many big organizations in the aviation, banking, FMCG, insurance, and real estate industries, among others.
KEY RESPONSIBILITIES:
The IT Security & Compliance Specialist will be the guardian of UrBox’s technical integrity. You will lead the efforts to achieve PCI-DSS SAQ-D compliance, harden our PostgreSQL databases, and secure our MLOps pipelines. Your mission is to proactively identify vulnerabilities and architect robust fraud detection mechanisms across our operations.
- Compliance & Audit: Lead the technical implementation and documentation for PCI-DSS SAQ-D certification by Q1 2026. Conduct regular internal audits to ensure continuous compliance.
- Database & Infrastructure Hardening: Secure PostgreSQL environments using RBAC, Row-Level Security (RLS), and audit logging. Ensure high-level encryption for sensitive data.
- MLOps Security: Integrate security checkpoints into the AI/ML lifecycle. Protect ML models and data pipelines from poisoning, inversion attacks, and unauthorized access.
- Vulnerability Management: Perform regular VAPT (Web, Mobile, Cloud) and Secure Code Reviews to identify and mitigate risks early in the SDLC.
- Fraud Detection & IR: Build automated monitoring systems (SIEM/IDS) to detect transaction fraud and operational anomalies. Lead the Incident Response team when breaches occur.
REQUIREMENTS:
- Graduated from university in Information Technology, Cyber Security, Information Security, Computer Science, Software Engineering, or equivalent.
- Able to read and understand technical English documents and security standards.
- Experience: 3–5 years in Cyber Security, preferably in Fintech or E-commerce.
- Database Expertise: Strong hands-on experience with PostgreSQL security configurations and performance monitoring from a security perspective.
- ML & Cloud Skills: Knowledge of securing AWS/GCP environments and MLOps frameworks. Experience with Docker/K8s security is a major plus.
- Tools: Proficient with Burp Suite, Nessus, Metasploit, and SQL injection testing tools.
- Compliance Knowledge: Deep understanding of PCI-DSS, ISO 27001, or SOC2 frameworks.
