Senior Cybersecurity Customer Trust & Assurance Engineer

About The Position

Requirements

• 8–12+ years of hands-on experience in cybersecurity, cloud security, application security, or software engineering — with demonstrable depth in security architecture, not just compliance or advisory work.
• Proven ability to design, validate, and articulate security controls at the engineering level — including IAM models, encryption strategies, secrets management, network segmentation, and logging/observability pipelines.
• Strong working knowledge of cloud-native architectures (AWS, Azure, or GCP) from a security design perspective — able to discuss tradeoffs, attack surfaces, and control decisions with engineering teams.
• Experience with threat modeling methodologies (e.g., STRIDE, MITRE ATT&CK) and applying them to real SaaS platform components such as identity flows, APIs, and data pipelines.
• Hands-on experience collaborating with engineering teams on system design reviews, security controls implementation, and architecture validation — not just documentation or sign-off.
• Familiarity with security and compliance frameworks such as HITRUST CSF, SOC 2, ISO 27001, or CSA STAR — with the ability to ground compliance requirements in technical implementation, not just policy.
• Experience responding to customer security questionnaires, RFIs, and due-diligence requests, with responses anchored in engineering detail rather than templated answers.
• Experience creating or maintaining architectural diagrams, threat models, and technical security documentation.
• Exceptional written and verbal communication skills — able to translate engineering-level security decisions into clear, accurate, customer-ready explanations for both technical and non-technical audiences.
• Confident representing the platform's security posture directly to customers and able to handle follow-up technical questions without escalation.
• Able to work cross-functionally across engineering, product, and compliance teams in a distributed environment.

Nice To Haves

• Relevant certifications strongly preferred: CISSP, CCSP, CISM, or cloud security certifications (AWS Security Specialty, Google Professional Cloud Security Engineer, etc.)

Responsibilities

• Respond to customer RFIs, security questionnaires, and due-diligence inquiries related to security, privacy, and compliance.
• Collaborate closely with internal teams to gather, validate, and align accurate technical responses.
• Interpret and translate technical security concepts into clear, customer-ready explanations.
• Support customer trust initiatives, including audits, certifications, and process improvements.
• Ensure timely, high-quality delivery of all responses and maintain excellent communication throughout the customer lifecycle.
• Develop a deep understanding of the platform’s architecture, including cloud infrastructure, application components, identity flows, and data protection mechanisms.
• Articulate security design decisions, architectural patterns, and threat mitigation strategies in a way that builds high customer confidence.
• Partner with engineering teams to ensure externally communicated security details accurately reflect system design and controls.
• Enhance and maintain technical security documentation, architectural diagrams, and reusable content for customer assurance.
• Identify opportunities to improve clarity, consistency, and technical depth across customer-facing security materials.

Benefits

• Health, Dental, and Vision Insurance
• Employer Contributions to Health Savings Accounts (HSA)
• Flexible Spending Accounts (FSA)
• $200 Lifestyle Spending Account (LSA)
• Disability Insurance
• Life and AD&D Insurance
• Employee Assistance Program (EAP)
• Career Growth Opportunities
• Team Engagement Activities