About the Role
We are looking for a Security Engineer to design and secure our client's cloud environment, lead their security certifications (SOC 2 / ISO 27001) and become the technical security voice for their enterprise customers.
What You'll Do
Cloud & Infrastructure Security
- Design,implement, and maintain security controls across our cloud platforms (AWS/Azure/GCP)
- Manage IAM, network segmentation, secrets management, logging, threat detection, and incident response
- Integrate security into CI/CD (Secure SDLC), including IaC security and dependency scanning
Compliance & Security Assurances
- Lead and maintain SOC 2 Type II and ISO 27001 certification processes
- Build security policies, governance, and continuous compliance frameworks
- Partner with auditors and ensure evidence is collected efficiently across teams
Customer Trust & Enterprise Support
- Act as the technical point of contact for customer security inquiries
- Respond to security questionnaires, RFPs, due diligence requests
- Join calls with enterprise CISOs and procurement teams to explain our posture
Privacy & Data Protection
- Promote data minimization, encryption standards, and privacy-by-design principles
- Support secure handling of sensitive or regulated data across the product
What We're Looking For
Required
- 4+ years of experience in Security Engineering in a SaaS or cloud-first environment
- Experience with SOC2 and/or ISO 27001 compliance frameworks
- Strong cloud security background in AWS/Azure/GCP
- Familiarity with IaC tools such as Terraform, Pulumi, or similar
- Good understanding of container / Kubernetes security
- Experience integrating security into CI/CD pipelines (DevSecOps / Secure SDLC)
- Ability to translate complex technical controls into clear language for customers & auditors
Nice to Have
- Experience in fintech, regtech, or enterprise B2B SaaS
- Familiarity with AI/LLM security and data leakage concerns
- Exposure to enterprise deal cycles and customer security reviews
- Certifications such as: CISSP, CCSP, Security+, ISO Lead Implementer, or SOC2-related certs
