ImageKit is seeking a Security Compliance Engineer with DevOps experience to strengthen its Engineering team. This role is critical in ensuring secure, compliant, and efficiently managed cloud infrastructure, primarily using AWS and Terraform, while supporting compliance with standards like GDPR, SOC2, and ISO.
What You'll Do
- Implement security measures and compliance controls within backend systems, focusing on cloud environments like AWS and enterprise security.
- Collaborate with the compliance/security team to adopt new compliance standards, integrate them with existing security solutions and collect evidence for external audits.
- Enhance data protection, conduct risk assessments, and ensure systems comply with standards like GDPR, SOC2, or ISO.
- Ensure controls are configured correctly and integrated into the security strategy.
- Identify and mitigate vulnerabilities, ensuring both security and compliance across systems.
- Stay updated on security technologies and compliance regulations, applying this knowledge to improve our infrastructure.
- Work with the engineering team to build secure and compliant software development practices.
- Manage application patching and update AWS configurations using Terraform to maintain system integrity and performance.
- Work with the team to conduct regular audits that ensure compliance with internal policies and procedures, relevant security standards, best practices, regulations, and client requirements, identifying gaps and providing remediation solutions.
What We're Looking For
- Bachelor’s degree in Computer Science, Information Systems, Security or a related field.
- 4+ years of experience within a security and compliance function
- Experience with vulnerability management tooling, remediation, and processes
- Experience with Docker, Terraform, AWS
- Understanding of concepts related to Systems Engineering/DevOps, IaC, IAM, network security, systems security, cryptography
- Understanding of compliance frameworks (e.g., GDPR, SOC2, ISO) and security best practices.
- Strong expertise in cloud security and compliance, particularly with AWS.
Nice to Have
- Have a wide understanding of cybersecurity and data protection frameworks such as ISO 27001, NIST, SOC2, PCI-DSS, GDPR, CCPA.
- Experience developing and maintaining policies, procedures, standards, and guidelines to align with the company's strategy and best practices.
- Experience with automated compliance and security monitoring tools.
- Knowledge of AI Models and secure, compliant integration.
- Ability to work effectively in fast-paced and dynamic environments.
- Excellent communication skills for technical and regulatory collaboration.
- Enterprise security experience is a plus
Technical Stack
- AWS
- Terraform
- Docker
- IaC
- IAM
- network security
- systems security
- cryptography
Benefits & Compensation
- Excellent compensation, for sure, with lucrative sales commissions.
- Clear path to promotion into Account Executive and beyond.
- You work with a very hardworking and responsible remote team. We take our work seriously, and also our off-sites (the last ones were in Phuket, Udaipur, Goa, Corbett, Bali, and Mussoorie. Don't miss out on the next one :))
- We take care of your and your family's health insurance.
- We help you with funds to set up your workspace at home or take up a co-working space.
- A learning and wellness fund to pursue any professional course and any hobbies outside of work (Gym, bartending, sports, and dancing are some hobbies that our team members have pursued).
- No questions asked leave policy. We trust you to get the work done.
- Flexible working hours and flexible work locations. As long as you have a stable internet connection, you can work from anywhere in the world.
Work Mode
Flexible working hours and flexible work locations. As long as you have a stable internet connection, you can work from anywhere in the world.