Principal Security Engineer

At ZeroNorth, we are at the forefront of transforming the shipping industry through digital innovation. Our solutions go beyond optimizing business operations, they are designed to lead the industry in sustainability by significantly reducing CO2 emissions. 

Our core mission of making global trade greener drives everything we do. Your contributions will play a crucial role in reducing emissions, aligning commercial success with sustainability, and delivering benefits for both profitability and the environment.

ZeroNorth is powered by a diverse team of 550+ professionals with more than 38 nationalities, operating out of global hubs including Copenhagen (our headquarters), Athens, Chennai, Mumbai, New York, San Diego, Singapore, Sofia, and Tokyo. We are leading the industry's green transition, enabling our partners to leverage data for actionable decarbonization efforts.

Principal Security Engineer at ZeroNorth

This senior role bridges strategic compliance requirements with hands-on technical execution within a dynamic platform team. 

You will be instrumental in defining and driving our security posture across the organisation, ensuring adherence to global regulations and standards, and directly implementing security best practices within our AWS cloud infrastructure, including our EKS-based application platform, built using Terraform, and our development workflows using Github Actions CI/CD.

Reporting to the Platform Engineering Team Lead, you will own key security and compliance processes while actively collaborating with engineering teams, Internal IT, Legal, auditors, and leadership.

Key responsibilities:

• Define and maintain organisation-wide security policies and standards, interpreting relevant regulations (GDPR, NIS2 etc.) to guide strategy.

• Drive adherence to compliance frameworks (SOC 2, NIS2, GDPR), own and administer the GRC platform (Vanta) for program management, and serve as the primary liaison for external security and compliance audits. Own the high-level incident response framework and monitor overall security posture, reporting to leadership.

• Design, implement, and manage technical security controls directly on our AWS/EKS/Terraform infrastructure. Integrate automated security scanning tools (IaC, secrets) into Github Actions CI/CD pipelines. Monitor and remediate security vulnerabilities within the platform. Act as the lead technical security expert for the team.

• Work closely with engineering teams, Internal IT, and Legal to guide secure practices, ensure platform systems provide necessary evidence for compliance (Vanta), and advise on platform-related security capabilities. Influence technical and policy decisions across the organisation.

Your profile:

• Proven experience in Information Security, covering both GRC program management and hands-on technical implementation.

• Solid understanding of security frameworks (SOC 2, ISO 27001) and regulations (GDPR, NIS2).

• Extensive experience with AWS cloud security, including EKS.

• Strong hands-on experience with Terraform for infrastructure as code.

• Experience with Github Actions CI/CD and integrating security tooling.

• Experience managing external audits and risk assessment.

• Ability to translate security requirements into technical actions and policies.

• Excellent communication and collaboration skills; comfortable working with diverse technical and non-technical stakeholders.

• Experience administering GRC tools (Vanta is a plus).

• Relevant security certifications (CISSP, CISM, AWS Security, etc.) are a plus.

About ZeroNorth

At ZeroNorth, we aim to make global trade sustainable by steering the maritime industry toward zero emissions. Using advanced technology and trusted data, our platform delivers real-time insights to optimize operations and align commercial success with environmental impact.

We partner with customers on their journey toward sustainability, solving complex challenges and empowering informed decisions that benefit both the planet and their bottom line.

Our culture thrives on growth, inclusion, and collaboration. We value honesty, trust, and the unique contributions of every team member, driving meaningful change together. Let's make global trade green.