GrepJob
Overstory

Senior Security Engineer

Overstory
Apply
2 months ago
Remote, United States or Toronto, CanadaSenior

Responsibilities

  • Own and evolve Overstory’s compliance program with SOC 2 and ISO 27001.
  • Drive end-to-end vulnerability management from detection to remediation.
  • Design and improve security processes across infrastructure and applications.
  • Lead security input in architecture and engineering decisions.
  • Oversee identity and access management and endpoint security.
  • Manage vendor security and third-party risk assessments.
  • Lead audit readiness for SOC 2 and ISO 27001.
  • Partner with customer-facing teams on security questionnaires.
  • Contribute to security awareness and culture within the organization.

Requirements

  • 5+ years of experience in security engineering or related fields.
  • Direct experience with SOC 2 and ISO 27001 compliance frameworks.
  • Deep experience in vulnerability management and remediation workflows.
  • Fluency in cloud environments like AWS, GCP, or Azure.
  • Experience with identity and access management and IT security operations.
  • Ability to translate security risks into actionable guidance.
  • Interest in leveraging AI tooling for business impact.
  • Strong written communication skills for documentation.
  • Proactive mindset balancing security best practices with business needs.
  • Experience working cross-functionally in a remote-first environment.

Benefits

  • Competitive, location-specific compensation and benefits.
  • Flexible, autonomous working environment.
  • Home office stipend and ongoing education budgets.
  • A company culture that embodies core values.
  • Opportunity to work on mission-driven projects addressing climate change.