Skip to content

Senior Security & Compliance Analyst

Maintains security and compliance for tech platform, owns SOX/SOC2 audits, refines controls, and responds to customer due diligence. Requires 5+ years experience with standards like SOX/SOC2, cloud knowledge, and certifications like CISA/CISSP.

United StatesSecurity EngineeringRemote5+ YOE

About the role

What You’ll Do

  • Maintain a deep understanding of our platform and its supporting infrastructure and processes, as well as how our compliance obligations apply to that environment.
  • Provide responses to and maintain reference material for customer inquiries and due diligence procedures that involve technology compliance and participate in discussions for security and compliance assessments.
  • Continuously confirm and refine MNTN’s internal control framework and related documentation (e.g., policies, procedures, narratives, training material) and contribute to ongoing controls development and improvement.
  • Own evidence collection for our various audits, especially SOX and SOC2.

What You’ll Bring

  • 5+ years of security or compliance analysis, or assurance/advisory experience, including building controls in the technology space.
  • A thorough understanding of technical environments, and the ability to communicate with subject matter experts about technical and operational security controls.
  • Experience mapping and rationalizing controls to meet requirements across multiple information security/technology compliance standards (SOX, SOC2, ISO 27001, GDPR, IT General Controls).
  • Excellent written and verbal communication skills to communicate details of a security program to a wide spectrum of audiences, including customers.
  • Strong analytical skills and attention to detail.
  • Flexible and can adapt to a changing environment.
  • Self-directed and take initiative on projects and tasks, and in identifying gaps related to security controls, with minimal day-to-day oversight/direction.
  • Knowledge of Amazon Web Services, Google Cloud Services, and Container technologies.
  • CISA, CISM, CISSP, or related certification.
  • Experience using governance, risk management, and compliance (GRC) tools.

Skills

Amazon Web ServicesGCPKubernetesSoxSoc2ISO 27001GDPRGrc ToolsCisaCissp

Senior Platform Engineer, Security

Build and secure Doxel's internal developer platform on GCP. Own cloud security posture, embed security into CI/CD pipelines, and drive adoption of secure golden paths across engineering teams.

175k – 220kSan Francisco, CASecurity EngineeringHybrid6+ YOEGoGCP

Senior Product Security Engineer

Hands-on security engineer building product security guardrails, tooling, and SDLC integrations for a multi-product HR/IT/Finance platform. Requires 5+ years in product security, fluency in Python/React/DRF, and experience leading cross-team vulnerability remediation.

151k – 280kSan Francisco, CA +3Security EngineeringHybrid5+ YOESSOSAML

Senior Software Security Engineer

Senior security engineer building and maintaining identity, secrets, and cloud security systems for AI infrastructure. Requires 5+ years experience, strong Python/Go/Rust skills, and cloud security expertise.

320k – 405kSan Francisco, CA +2Security EngineeringHybrid5+ YOEGoIAM

Software Engineer - Security Platform

Build and operate secure distributed systems for secrets/key management, PKI, and machine identity across Cloudflare's global network. Requires 8+ years experience in software development, distributed systems, and security implementation.

168k – 275kAustin, TX +5Security EngineeringHybrid8+ YOEGoPki

Security Engineer, Cloud

Security Engineer building and hardening cloud-native security controls, infrastructure-as-code, and CI/CD pipelines for a scalable platform. Requires 8+ years in infrastructure/platform security and deep expertise in AWS/GCP and Kubernetes.

208k – 312kUnited StatesSecurity EngineeringRemote8+ YOEAWSGCP