Job title: Senior to Staff Compliance
Job type: Permanent
Emp type: Full-time
Industry: High-Growth Tech
Salary type: Annual
Salary: USD $210,000.00
Location: New York, NY
Job published: 2024-10-28
Job ID: 32381
Contact name: Ruby Murphy, Stuart Mitchell
Contact email: ruby.murphy@hamptonnorth.com, stuart.mitchell@hamptonnorth.com

Job Description

We're looking for a Senior or Staff Compliance Engineer to join an established team and help build a new wave of relationships in the federal space.

Logistics: Hybrid in NYC (3 days per week)

Compensation: $160-230k in addition to an annual bonus and stock options.

What you'll be doing:

• Work side by side with engineering and product resources to define security and compliance requirements for new features and services
• Build threat models, testing plans, and validation strategies to ensure a high security bar for the system
• Review code, infrastructure, and architecture for common security flaws, as well as bespoke, business logic flaws
• Manage penetration tests of critical features
• Assist in managing audits and compliance requirements on an ongoing basis
• Bridge and facilitate communication between engineering teams and other parts of the Security organization

What's required of you:

• 4+ years of experience working as a security engineer
• You understand how to analyze a system and look for potential threats at every stage of the SDLC. You have experience with system design reviews, threat modeling, and common vulnerabilities in Web and Mobile applications
• Hands-on experience with cloud-based architectures, especially those built on AWS, Kubernetes, and Docker
• Solid understanding of networking and operating systems
• You can write scripts, and you are proficient in one (or more) of the following languages: Java, JavaScript, Python
• You have excellent analytical skills, strong organizational and project management skills, and the ability to prioritize and manage multiple tasks and deadlines.
• You are a strong communicator who can explain security concepts to a variety of audiences and levels, as well as work collaboratively across technical and non-technical teams
• You are comfortable with high levels of autonomy and delivering on complex goals
• You have experience with regulatory and compliance frameworks like NIST 800-53, PCI DSS, and FedRAMP, as well as Identity and Authenticator Assurance Levels like IAL2 and AAL2