Security Compliance Engineer
About The Position
At Yuno, we are building the payment infrastructure that enables all companies to participate in the global market. Founded by a team of seasoned experts in the payments and IT industries, Yuno provides a high-performance payment orchestrator. Our technology offers companies access to leading payment capabilities, allowing them to engage customers confidently and maintain global business operations with seamless payment integrations worldwide. Shape your future with Yuno! As a Security Compliance Engineer at Yuno, you will play a key role in ensuring our security and privacy programs meet the highest industry standards. In this role, you will actively contribute to ISO 27001, ISO 27701, SOC 2, and PCI DSS audits from a technical perspective, translating compliance and privacy requirements into scalable, measurable, and auditable technical controls. You will collaborate closely with Engineering and DevOps teams to implement cloud security controls across AWS and GCP, build internal security tooling using Python, and support privacy-focused initiatives that enable Yuno to operate securely and compliantly in the global payments ecosystem.
Requirements
- Practical experience working with ISO 27001 audits and translating controls into technical implementations.
- Familiarity with SOC 2 and PCI DSS frameworks from an engineering perspective.
- Understanding of privacy requirements and frameworks.
- Proficiency in Python for developing secure and maintainable tooling.
- Solid knowledge of AWS and/or GCP security services (IAM, logging, monitoring, WAF, etc.).
- Strong collaboration skills and English fluency.
Nice To Haves
- Experience with Kubernetes, container security, or CI/CD pipelines.
- Infrastructure as Code experience (Terraform, CloudFormation).
- Familiarity with vendor risk management and third-party security reviews.
- Experience in fintech, payments, or highly regulated environments.
- Familiarity with emerging architectures (e.g., serverless, event-driven, AI integrations).
Responsibilities
- Actively participate in ISO 27001, ISO 27701, SOC 2 and PCI DSS audit processes, contributing from a technical and implementation perspective as part of the Security team.
- Translate security, compliance, and privacy requirements into scalable technical controls, ensuring they are enforceable, measurable, and auditable.
- Design, build, and maintain secure and scalable internal security solutions and tools using Python to support security operations and strengthen technical controls.
- Work with Engineering and DevOps teams to implement and validate cloud security controls in AWS and GCP aligned with audit requirements.
- Contribute to privacy-related technical initiatives, including data mapping, control automation, and alignment with privacy frameworks and data protection regulations (e.g., ISO 27701, GDPR, and similar).
Benefits
- Competitive Compensation
- Remote work - You can work from everywhere!
- Home Office Bonus - We offer a one time allowance to help you create your ideal home office.
- Work equipment
- Stock options
- Health Plan wherever you are
- Flexible Days off
- Language, Professional and Personal growth courses
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
Number of Employees
101-250 employees
