Job Specifications
Security Engineer - Governance, Risk & Compliance
We're looking for a Security Engineer with a passion for automation, coding, and building scalable compliance systems. You'll work at the intersection of security engineering and governance, writing code, building tools, and integrating controls directly into our infrastructure.
This role is ideal for someone who understands compliance but prefers solving those problems through Python scripts, Terraform, and APIs, not spreadsheets.
What You'll Do
Design, build, and maintain automation for evidence collection, control monitoring, and compliance reporting (Python, Go, or similar).
Implement infrastructure-level guardrails using Terraform, policy-as-code, or cloud-native tooling.
Integrate compliance validation into CI/CD pipelines and cloud infrastructure (GCP preferred).
Develop dashboards and analytics to measure control effectiveness and identify risk trends.
Collaborate closely with security, engineering, and product teams to embed compliance into design and deployment.
Lead and support audits (SOC 2, PCI, SOX) using automation to minimize manual effort.
What You Bring
Strong coding skills in Python, Go, or TypeScript, with experience building automation and integrations via APIs.
Practical experience with cloud infrastructure (GCP, AWS, or Azure) and IaC tools such as Terraform.
Experience designing or operating compliance programs (SOC 2, ISO, PCI, SOX, NIST) in a cloud-native environment.
Familiarity with modern security tooling (Splunk, Datadog, vulnerability scanners, or similar).
A problem-solver mindset, you'd rather build a tool to fix a compliance gap than document a workaround.
Why Join
You'll shape how compliance is engineered across our environments, working closely with world-class engineers to automate and scale governance in real time. This is a chance to make compliance as technical and dynamic as the systems it protects.