Imagekit-Security Compliance Engineer

Bachelor's degree in Computer Science, Information Systems, Security or a related field. 4+ years of experience within a security and compliance function. Experience with vulnerability management tooling, remediation, and processes. Experience with Docker, Terraform, AWS. Understanding of concepts related to Systems Engineering/DevOps, IaC, IAM, network security, systems security, cryptography. Understanding of compliance frameworks (e.g., GDPR, SOC2, ISO) and security best practices. Strong expertise in cloud security and compliance, particularly with AWS. Have a wide understanding of cybersecurity and data protection frameworks such as ISO 27001, NIST, SOC2, PCI-DSS, GDPR, CCPA. Experience developing and maintaining policies, procedures, standards, and guidelines to align with company’s strategy and best practices. Experience with automated compliance and security monitoring tools. Knowledge of AI Models and secure, compliant integration. Ability to work effectively in fast-paced and dynamic environments. Excellent communication skills for technical and regulatory collaboration. Enterprise security experience is a plus.

Implement security measures and compliance controls within backend systems, focusing on cloud environments like AWS and enterprise security. Collaborate with the compliance/security team to adopt new compliance standards, integrate them with existing security solutions and collect evidence for external audits. Enhance data protection, conduct risk assessments, and ensure systems comply with standards like GDPR, SOC2, or ISO. Ensure controls are configured correctly and integrated into the security strategy. Identify and mitigate vulnerabilities, ensuring both security and compliance across systems. Stay updated on security technologies and compliance regulations, applying this knowledge to improve our infrastructure. Works with the engineering team to build secure and compliant software development practices. Manage application patching and update AWS configurations using Terraform to maintain system integrity and performance. Work with the team to conduct regular audits to ensure compliance with internal policies and procedures, relevant security standards best practices, regulations and client requirements to identify gaps and provide remediation solutions.