4 days ago
San Francisco, CA, USA
Mid Level / Senior
H1B Sponsor
Base Salary
$225k - $240k/yr
Responsibilities
- Own and evolve Envoy’s unified cross-framework control model across various compliance standards.
- Maintain and mature the security risk register with explicit and documented risk decisions.
- Drive continuous audit readiness without last-minute scrambles.
- Define and reinforce control ownership across Product and Infrastructure teams.
- Operate and mature key assurance programs including vendor risk management and data classification.
- Build lightweight tooling and automation to validate controls and reduce manual evidence collection.
- Use code, APIs, and cloud integrations to automate compliance workflows.
- Leverage AI to enhance control mapping and compliance documentation.
Requirements
- 5+ years of experience in security engineering or security assurance.
- Direct experience with ISO 27001 and/or SOC 2 audit cycles.
- Experience mapping technical implementations to security control frameworks.
- Working knowledge of modern cloud environments like AWS.
- Ability to evaluate access control trade-offs and logging adequacy.
- Experience maintaining a security risk register.
- Ability to write scripts in languages such as Python or Bash.
- Experience using APIs for workflow automation.
- Strong communication skills to explain risk in practical terms.
Tech Stack
AWS, Azure, Bash, Python
Categories
AI & ML, Security