Senior Trust/Security Engineer

About The Position

Requirements

• Bachelor’s degree in Computer Science, Engineering, Information Security, or a related technical field, or equivalent practical experience.
• 6+ years of industry experience in security engineering, trust engineering, platform engineering, security/compliance automation, or data/automation roles supporting security or compliance programs.
• Strong understanding of security principles, risk management, and compliance concepts, including how they apply at organizational scale.
• Experience implementing or operationalizing controls aligned to common frameworks such as SOC 2, ISO 27001, NIST, or similar.
• Experience producing or automating audit evidence, control validation, and security/compliance reporting at scale.
• Proficiency in scripting and automation languages such as Python, Bash, or PowerShell for data processing and pipeline automation.
• Experience building automated pipelines that ingest, normalize, and validate data from multiple systems.
• Experience designing and maintaining metrics, dashboards, and reporting systems for technical and non-technical stakeholders.
• Familiarity with DevOps and CI/CD concepts, including integrating security and compliance checks into build and deployment workflows.
• Experience with cloud platforms (AWS, Azure, or GCP) and cloud-native services used for data processing, storage, and monitoring.
• Experience implementing or supporting cloud security controls such as IAM, network segmentation, secrets management, or data protection mechanisms in AWS, Azure, or GCP.
• Working knowledge of data stores and query systems (e.g., SQL, NoSQL, analytics platforms) used for reporting and dashboards.
• Experience working cross-functionally with engineering, product, security, legal, privacy, or compliance stakeholders to deliver measurable outcomes.
• Strong verbal and written communication skills, with the ability to clearly explain security and trust concepts to diverse audiences, including leadership.
• Excellent problem-solving skills, attention to detail, and ability to adapt to evolving organizational priorities and regulatory requirements.

Nice To Haves

• Experience with governance, risk, and compliance (GRC) platforms or trust reporting tools, and with building workflows that keep controls measurable and audit-ready.
• Experience partnering with engineering teams to embed security controls and reporting into SDLC or CI/CD workflows.
• Experience with audit preparation, customer trust requests, or external assurance activities such as questionnaires, evidence reviews, or certification support.
• Experience translating technical controls and operational data into materials used for customer trust conversations, audits, or executive reviews.
• Experience with BI and analytics tools used for dashboarding and stakeholder reporting.
• Experience with data modeling, ETL/ELT, or observability tooling used to support security telemetry and reporting.
• Prior experience operating in a centralized trust, security, or platform organization.
• Experience with infrastructure-as-code tools such as Terraform or CloudFormation.
• Experience with threat modeling, secure design reviews, or cloud security architecture in modern SaaS or platform environments.
• Industry certifications (e.g., CISSP, CISM, GIAC, CEH) preferred.

Responsibilities

• Lead the design, implementation, and maintenance of trust, security, and compliance telemetry systems, including automated pipelines that aggregate signals from multiple sources into centralized reporting and analytics platforms.
• Develop and maintain automation and tooling to continuously assess compliance with internal standards, security policies, and external frameworks (e.g., SOC 2, ISO 27001, NIST, internal trust commitments).
• Define and implement metrics, KPIs, and success indicators for trust and security programs, including control coverage, adoption, exceptions, remediation progress, and operational health, embedding measurement into CI/CD and build systems where appropriate.
• Build and maintain scalable mechanisms for collecting, validating, and surfacing audit evidence and control status in a timely, repeatable manner.
• Design and maintain dashboards and reporting frameworks for executive, leadership, and stakeholder consumption, translating technical signals into clear risk, progress, and compliance narratives.
• Design and implement scalable cloud and platform security controls, including IAM, network security, and data protection mechanisms where relevant to product and platform trust requirements.
• Build and maintain secure platform architectures, partnering with engineering teams to improve security design, auditability, and resilience across cloud-based systems.
• Partner with Engineering, Architecture, Operations, Security, Legal, Privacy, and Product teams to integrate security-by-design practices into trust signal collection, reporting, and monitoring systems, and to define, track, and communicate trust and security standards across the organization.
• Drive remediation by helping teams identify gaps, prioritize fixes, and track progress to closure for trust and security commitments.
• Troubleshoot and resolve issues related to data quality, pipeline reliability, automation failures, and reporting accuracy across trust and security systems.
• Produce well-documented, secure, and maintainable code for automation, integrations, and reporting tools, following established engineering best practices.
• Act as a trusted advisor to leadership, translating complex trust and security data into clear narratives, actionable insights, and recommendations that inform decision-making.
• Mentor junior engineers and analysts in trust, security automation, and metrics development, fostering a culture of high-quality delivery and continuous improvement.
• Participate in on-call rotation to support production systems.

Benefits

• Health benefits
• Financial benefits
• Time away
• Everyday wellness