Facebook pixel

Compliance Security Engineer
Confirmed live in the last 24 hours
United States
Experience Level
Desired Skills
  • Develop an in-depth understanding of the Lacework platform and the cloud technologies it's built on
  • Maintain and improve existing certifications and successfully obtain new ones. Develop roadmap initiatives based on global customer demands & Lacework's growth strategy
  • Prepare for and facilitate external audits associated with various security regulatory requirements
  • Develop and maintain common control framework mappings to efficiently expand the compliance and auditing capabilities
  • Establish and track key performance metrics as service level objectives (SLOs) of security related Field requests
  • Drive projects, technical initiatives, and architectural/service improvements
  • Work with Engineering teams to prioritize and track resolution of identified issues
  • Always look for automation opportunities with continuous compliance as a constant objective. Become an expert at using Lacework and effectively showcase it's use for our own compliance needs. Provide a feedback loop for product improvements
  • Drive regular project reviews with leadership
  • 5+ years of experience in Information Security in areas of compliance, audit, and risk; preferably at a startup
  • Polished professionalism developed through consulting or engaging directly with customers, auditors, and third-parties
  • Past experience in developing roadmap initiatives for certification efforts (e.g. GDPR, SOC 2, ISO 27001, PCI, HiTrust, FEDRAMP, etc.) and driving them through readiness and gap assessments, control implementation, and internal/third party audits
  • Working knowledge of how compliance operates with cloud-native technology stacks
  • Proficiency with common IaaS services/components and architectures
  • Adept in documentation: create diagrams or necessary customer artifacts including policies, standards and procedures, and bring to light areas that need improvement
  • Experience with responding to security questionnaires; conducting research, leading calls, and communicating with internal/external stakeholders using explicit technical details and professionalism
  • Self-directed and motivated to foster creative problem solving as well as out of the box thinking
  • Experience working remotely across many time zones and cultures
  • Excellent written and verbal communication skills
  • Security certification a plus - such as CISSP, CRISC, CISM, etc
Desired Qualifications
  • points: Software development background or proficiency in at least one of the following: Python, Go, or Java
  • points for broad exposure or experience in technologies such as containerization, real-time threat detection, secrets management, continuous deployment, and AWS/DevSecOps tools
  • points for experience with contract review of security & compliance addendums

501-1,000 employees

Security platform for the cloud
Company Overview
Lacework's mission is to become the security platform for the cloud. The company focuses on building modern, robust security infrastructure at scale.
  • Competitive medical, dental, and vision plans
  • Employer contribution to health savings account (HSA)
  • Flexible vacation time
  • Parental leave for birthing and non-birthing parents
  • 401(k) for eligible employees & competitive global retirement plans
  • Life insurance for eligible employees
  • Flexible health and mental wellness stipend
  • Home internet & cell phone stipend
  • Commuter benefits
Company Core Values
  • Put the Customer First
  • Take Pride in Leaving a Legacy
  • Be Open
  • Be Bold, Fail Fast, and Learn
  • Get $hit Done
  • Win As A Team