Head of IT & Security

Trufla

Leadership & Strategy

• Own and drive the IT and Security roadmap, aligning it with Trufla's business objectives
• Lead, mentor, and grow the IT & Security team across Cairo and Canada offices
• Act as the primary point of escalation for all IT and security-related matters
• Report on IT and security program health, KPIs, and risk posture to senior leadership
• Manage vendor relationships, contracts, and procurement for IT and security tooling

SOC 2 Compliance

• Lead the end-to-end implementation of SOC 2 (Type I and Type II) compliance across the organization
• Conduct gap assessments against SOC 2 Trust Service Criteria (Security, Availability, Confidentiality, Processing Integrity, and Privacy)
• Develop, document, and enforce the policies, procedures, and controls required to meet SOC 2 requirements
• Coordinate with external auditors and manage the audit process through to successful certification
• Maintain and continuously improve SOC 2 compliance posture post-certification, ensuring controls remain effective and audit-ready year over year
• Train and align internal stakeholders on their responsibilities within the SOC 2 control framework

Security

• Demonstrate a thorough understanding of business processes, risk management, IT controls, and related standards
• Identify and evaluate business and technology risks; design and implement appropriate controls, technologies, and processes to mitigate them
• Conduct and oversee capability assessments, developing pragmatic remediation strategies and good practice recommendations
• Lead the review of security-related events, assessing risk and validity, and producing clear executive reporting
• Conduct research to maintain and expand knowledge of the latest security technologies, standards, and the evolving threat and vulnerability landscape
• Work with security vendors to evaluate solution offerings and advise on appropriate technologies
• Conduct and oversee penetration testing activities
• Develop and deliver security awareness training programs across the organization

IT Support & Operations

• Oversee the analysis, diagnosis, and resolution of complex workstation and infrastructure problems for end users in Cairo and remotely for other offices
• Ensure the installation, configuration, testing, maintenance, monitoring, and troubleshooting of end-user workstations, hardware, software, and telephony equipment
• Manage and improve incident ticketing processes, ensuring timely response and resolution
• Oversee move, add, and change (MAC) requests as submitted by line managers
• Maintain and uphold procedures for logging, reporting, and statistically monitoring workstation operations
• Liaise with third-party support vendors and software/hardware providers as needed
• Participate in an on-call rotation for after-hours and weekend critical support

Job Qualifications

• College diploma or university degree in Computer Science, Information Security, or a related field, or equivalent professional certification
• 7+ years of experience in a Network, IT, or Security role
• 3+ years of experience leading an IT or Security team
• Demonstrated hands-on experience implementing or managing SOC 2 compliance (Type I and/or Type II)
• Strong knowledge of security frameworks and standards (SOC 2, ISO 27001, NIST, CIS Controls)
• Sound technical knowledge of PC hardware, networking, mobile devices, and related technologies
• Working knowledge of current operating systems, protocols, and infrastructure standards
• Experience conducting penetration testing
• Able to read and understand technical manuals, procedural documentation, and OEM guides
• Experience working in a team-oriented, collaborative environment across multiple time zones