Head of Security

Head of Security Mecka - 1.0 New York, NY Job Details Full-time $160,000 - $200,000 a year 17 hours ago Qualifications Data encryption Endpoint Security Cloud infrastructure Cloud security engineering Security engineering Information security compliance Access control implementation Mobile device management Key management Identity and access management (IAM) solutions Identity & access management Full Job Description The Role We're hiring a Security Engineer to own and implement company-wide security systems and practices across Mecka. This is a high-ownership, hands-on role working closely with leadership to define and execute our security strategy and risk posture . You will be responsible for securing everything from devices infrastructure data access , while building systems that scale with the company. This role is ideal for someone who can operate as a practical security operator — not just setting policy, but actively implementing and managing systems. Responsibilities Security Strategy & Risk Management Own and evolve Mecka's overall security posture and risk framework Identify vulnerabilities and proactively mitigate risks across systems Define and enforce security standards and best practices across the company Device & Endpoint Security Implement and manage MDM systems (laptops, devices, access control) Enforce device hardening, access policies, and security configurations Manage onboarding/offboarding security for all employee devices Infrastructure & Application Security Secure infrastructure across: Cloud environments Internal systems Developer workflows Implement best practices for: Secrets management IAM (identity and access management) CI/CD security Work closely with engineering to ensure secure system design Identity & Access Management Own and manage SSO, MFA, and access control systems Define and enforce role-based access policies Ensure secure onboarding, role changes, and offboarding processes Data Security & Protection Define and enforce data handling and access policies Implement encryption, key management, and secure storage practices Ensure sensitive data is properly protected across systems Monitoring & Incident Response Monitor systems for security threats and suspicious activity Respond to incidents (phishing, breaches, unauthorized access, etc.) Build and maintain incident response processes and playbooks Vendor & Compliance Security Audit and secure third-party vendors, tools, and integrations Support compliance initiatives (e.g. SOC 2, enterprise requirements ) Ensure security standards are maintained across external dependencies Who You Are Required Experience 4+ years of experience in security engineering, infrastructure, or related roles Experience securing cloud environments, internal systems, and developer workflows Strong understanding of IAM, access control, and authentication systems Experience with endpoint security and MDM tools Experience implementing practical, real-world security systems Strong Signals Experience in startup or high-growth environments Experience with SOC 2 or enterprise security requirements Strong knowledge of secrets management, encryption, and key management Experience working closely with engineering teams on secure systems Ability to balance security with speed and usability You Are Highly practical and execution-focused Comfortable owning security across multiple layers of the stack Strong at identifying risks and implementing real solutions quickly Able to operate with high ownership and autonomy Focused on building secure systems that don't slow the company down Why This Role Own and build security from the ground up Direct impact on protecting company systems, data, and customers Work closely with leadership and engineering on critical infrastructure Enable enterprise readiness and trust with customers High ownership role with significant scope and responsibility

Compensation Range:

$160K - $200K