Reddit is hiring a
Technical Compliance Engineer

Summary

Join Reddit's SPACE team as a GRC Engineer to defend employees and compute assets, ensuring Reddit is the most trustworthy place for online human interaction. As a governance, risk, and compliance expert, you'll work tirelessly to break into computer networks and ensure others cannot. You'll be part of a team that values humble experts with a 'can do' view of security, risk, and controls.

Requirements

• Expertise in various compliance frameworks such as SOC 2, ISO 27001, SOX ITGC Controls, NIST
• Expertise with designing and implementing continuous control monitoring activities leveraging GRC solutions, through Go/Python/NodeJS/unix shell (bash, zsh) practical scripting, and/or data analysis tools
• Knowledge of API and data querying
• 3+ years of experience with GRC tooling configuration
• 3+ years working in Security governance, risk, and compliance roles. Relevant certifications are a plus
• Support a collaborative, performance-driven culture that builds bridges with other functional groups across the enterprise and maintains positive working relationships
• Experience executing compliance initiatives for cloud platforms and interacting with engineering teams to implement controls
• Human not reliant on ChatGPT to communicate effectively with business representatives, explaining GRC topics (ELI5)

Responsibilities

• Support security compliance initiatives across the organization to mature, enhance, and optimize our controls in partnership with SPACE team members and cross functional stakeholders
• Monitor and mature Reddit's tech control framework to support compliance with industry standards such as SOC 2, SOX, and ISO 27001
• Design and build continuous control monitoring tooling and scripts to mature control execution and reporting
• Develop detailed technical recommendations for controls definition, implementation and assessment in partnership with Security and Engineering teams
• Collaborate with teams across the organization to identify security and privacy risk mitigation needs
• Partner with Security, Privacy, and Engineering teams to implement technical controls
• Maintain compliance documentation, including audit evidence and controls

Benefits

• Comprehensive Healthcare Benefits
• 401k Matching
• Workspace benefits for your home office
• Personal & Professional development funds
• Family Planning Support
• Flexible Vacation (please use them!) & Reddit Global Wellness Days
• 4+ months paid Parental Leave
• Paid Volunteer time off