Security Compliance Engineer

Summary

Join ImageKit, a global SaaS company revolutionizing media delivery, as a remote Security Compliance Engineer. This role blends security, compliance, and DevOps to ensure secure and efficient infrastructure management, primarily using AWS and Terraform. You will implement security measures, collaborate with the compliance team, enhance data protection, and mitigate vulnerabilities. The ideal candidate possesses strong cloud security expertise, particularly with AWS, and experience with compliance frameworks like GDPR, SOC2, and ISO. ImageKit offers excellent compensation, promotion opportunities, remote work flexibility, health insurance, workspace setup funds, a learning and wellness fund, and a flexible leave policy.

Requirements

• Bachelor’s degree in Computer Science, Information Systems, Security or a related field
• 4+ years of experience within a security and compliance function
• Experience with vulnerability management tooling, remediation, and processes
• Experience with Docker, Terraform, AWS
• Understanding of concepts related to Systems Engineering/DevOps, IaC, IAM, network security, systems security, cryptography
• Understanding of compliance frameworks (e.g., GDPR, SOC2, ISO) and security best practices
• Strong expertise in cloud security and compliance, particularly with AWS

Responsibilities

• Implement security measures and compliance controls within our backend systems, focusing on cloud environments like AWS and enterprise security
• Collaborate with the compliance/security team to adopt new compliance standards, integrate them with existing security solutions and collect evidence for external audits
• Enhance data protection, conduct risk assessments, and ensure systems comply with standards like GDPR, SOC2, or ISO
• Ensure controls are configured correctly and integrated into the security strategy
• Identify and mitigate vulnerabilities, ensuring both security and compliance across systems
• Stay updated on security technologies and compliance regulations, applying this knowledge to improve our infrastructure
• Works with the engineering team to build secure and compliant software development practices
• Manage application patching and update AWS configurations using Terraform to maintain system integrity and performance
• Work with the team to conduct regular audits to ensure compliance with internal policies and procedures, relevant security standards best practices, regulations and client requirements to identify gaps and provide remediation solutions

Preferred Qualifications

• Have a wide understanding of cybersecurity and data protection frameworks such as ISO 27001, NIST, SOC2, PCI-DSS, GDPR, CCPA
• Experience developing and maintaining policies, procedures, standards, and guidelines to align with company’s strategy and best practices
• Experience with automated compliance and security monitoring tools
• Knowledge of AI Models and secure, compliant integration
• Ability to work effectively in fast-paced and dynamic environments
• Excellent communication skills for technical and regulatory collaboration
• Enterprise security experience is a plus

Benefits

• An excellent compensation, for sure, with lucrative sales commissions
• Clear path to promotion into Account Executive and beyond
• You work with a very hardworking and responsible remote team. We take our work seriously, and also our off-sites (the last ones were in Phuket, Udaipur, Goa, Corbett, Bali, and Mussoorie. Don't miss out on the next :))
• We take care of your and your family's health insurance
• Help you with funds to set up your workspace at your home or take up a co-working space
• A learning and wellness fund to pursue any professional course and any hobbies outside of work (Gym, bartending, sports, and dancing are some hobbies that our team members have pursued)
• No questions asked leave policy. We trust you to get the work done
• Flexible working hours and flexible work locations. As long as you have a stable internet connection, you can work from anywhere in the world