Security and Compliance Engineer
STN Inc•San Francisco, CA
•Hybrid
About The Position
The Security and Compliance Engineer owns security operations and compliance posture for the GPU One (GPUaaS) platform. The role maintains SOC 2 and SOC 3 programs, supports customer security requirements during sales and operations, and leads security incident response.
Requirements
- 5+ years in information security, GRC, or security engineering
- Demonstrated SOC 2, ISO 27001, FedRAMP, or comparable compliance experience
- Strong knowledge of cloud security, network security, IAM, and identity federation
- CISSP, CISM, CCSP, or equivalent certification
- Excellent written communication including audit narratives and policy authorship
Nice To Haves
- Multi-tenant or service provider security background
- HIPAA, PCI-DSS, CMMC, or government compliance experience
- Hands-on technical security skills (cloud configuration audit, IR forensics)
- Experience supporting AI/ML or data-sensitive customer workloads
Responsibilities
- Maintain SOC 2 Type 2 and SOC 3 compliance programs including control evidence and audit support
- Manage customer security questionnaires, audits, and penetration test coordination
- Operate identity and access management (IAM) for both platform and customer environments
- Drive vulnerability management across infrastructure, platform, and corporate IT
- Investigate security incidents and lead incident response (IR)
- Maintain security policies, standards, and operating procedures
- Support customer security reviews and security-related contract negotiations
- Coordinate with TAM on customer-specific security requirements
- Manage security tooling (SIEM, EDR, vulnerability scanners, IAM/SSO)
- Drive security awareness training and phishing programs across STN
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
No Education Listed
