Security & Compliance Engineer
Arist
Arist is the go-to agent-first enablement platform for the Fortune 500. Every deal ships with a security questionnaire, a Trust Center deep-dive, and a customer who wants to see SOC 2 + ISO 27001 + ISO 42001 evidence before signing. Today this work is split across people who have other day jobs. We need one owner. This is the person who keeps deals from stalling at security review, keeps our audits clean, and keeps our policies real instead of decorative. What you'll own Procurement (deal velocity) Respond to security and infosec questionnaires from prospects and customers — owning SLAs that match deal timelines. Build and maintain a centralized answer library so the same question never gets answered three different ways. Stand up infosec questionnaire automation + AI augmentation so we move from artisanal to assembly-line. Triage net-new questions to the right SME — Eng for architecture, Security for controls, Legal for data handling, HR for personnel. Keep the Trust Center current and useful. Run vendor onboarding (classification + risk review), annual re-reviews, and offboarding. Compliance (SOC 2, ISO 27001, ISO 42001) Run continuous compliance — monthly/quarterly control checks Own the GRC platform (Vanta or Drata) and keep evidence current. HR controls: background checks, security awareness training, AUP acknowledgments, onboarding/offboarding ticket trails, access reviews tied to terminations. Ops controls: vendor risk assessments, BCP/DR documentation and tabletop exercises, change management evidence, board oversight artifacts. Technical controls: access provisioning + quarterly access reviews, MFA/SSO enforcement, encryption at rest and in transit, logging and monitoring evidence, vuln scans + remediation SLAs, pen test reports, secure SDLC evidence, and identifying + driving fixes for vulnerabilities in our software supply chain. Requests: Handle “right to be forgotten” GDPR and CCPA requests Auditor coordination: scoping, kickoff, walkthroughs, evidence, follow-ups, exceptions, remediation, clean report delivery to the Trust Center. Risk (policies and incident response) Maintain the policy library: infosec, AUP, access control, incident response, data classification, BYOD, encryption, change management, vendor management, BCP/DR. Run the annual policy review cycle — updates, exec approval, employee re-acknowledgment. Monitor adherence: MDM enrollment, endpoint protection coverage, SSO/MFA enforcement, privileged access reviews, exception tracking. Run incident response when something happens — detection, containment, internal + customer comms, post-mortem, regulatory and contractual notifications. What you'll have done before Ideally, you have DevOps chops. We'd love someone who's lived on the engineering side too — comfortable in CI/CD, cloud infra (AWS/GCP), IaC (Terraform), and shipping fixes themselves rather than only filing tickets. The strongest candidates won't just audit our technical controls; they'll harden them. If you've worn both the GRC hat and the DevOps hat, tell us. Owned SOC 2 Type II at a SaaS company end-to-end. ISO 27001 a strong plus. ISO 42001 a bonus — happy to grow into it. Run a GRC platform (Vanta, Drata, or similar) as the primary admin. Read a SaaS application architecture and held your own with engineers about the security implications. You don't need to be a developer, but you can talk to ours. Led at least one real incident response, not just a a tabletop. How we'll know you're great Questionnaire turnaround drops from weeks to days, with consistent answers. Trust Center is the first thing prospects see and the last thing they ask about. Audits are non-events. No 11th-hour evidence scrambles. Policies are followed because they're current and clear, not ignored because they're stale. When something goes wrong, the response is calm, fast, and well-communicated. How we work Small team. High trust. Speed-to-deploy and close deals is our edge, so your job is to make compliance and procurement match that pace, not slow it down. We default to simplicity, not 20-page specs. We expect crisp written communication and a low tolerance for ceremony that slows. #J-18808-Ljbffr
- A defense and government services integrator is seeking a part-time Security & Compliance Administrator to oversee compliance for Kubernetes and data lake deployments. The role requires an active secret clearance and a Bachelor’s degree in Cybersecurity, among other qualifications...SuggestedRemote jobPart time
$190k - $230k
A leading security solutions provider is seeking a Federal Security & Compliance Engineer in New York, NY. This role focuses on enhancing security and compliance throughout the product lifecycle. The ideal candidate has over 8 years of experience as a Security Engineer...SuggestedFlexible hours- A leading technology firm in New York is looking for a Compliance Engineer to implement security controls across its product line. You will work with various teams to navigate complex US Government regulatory frameworks and ensure compliance through audits and monitoring...SuggestedFlexible hours
$104k - $156k
...Posting Type Remote/Hybrid Job Overview The Advanced Security Engineer is a technically deep, hands-on practitioner who forms the... ...controls to CI/CD pipelines. Experience supporting compliance and audit requirements (SOC 2, ISO 27001, HIPAA) from a technical...SuggestedRemote work$90k - $150k
...lifesaving drugs, forecast supply chain disruptions, locate missing children, and more. Role As a Compliance Engineer, you will help our engineers implement Palantir Security Controls across our entire product line. You’ll work closely with many different teams to shape...SuggestedWork experience placementWork at officeRemote workWork from homeRelocation package- Assurant, Inc. is seeking a Compliance Business Technical Specialist to enhance workflows and systems within the organization. This role involves evaluating operational processes, leading improvement projects, and maintaining business systems for peak performance. The...
$155k - $190k
...tasks that really do require human legal judgment. Your Impact A Compliance Engineer on our growing DevOps team will drive the implementation of our compliance requirements, as established by the Security and governance, risk, and compliance (GRC) stakeholders. Your expertise...H1bVisa sponsorshipFlexible hours$150k - $185k
Senior Security Engineer - Application Security New York, NY About the role This is an opportunity to join K's critical InfoSec team as... ...multiple areas such as AppSec, CloudSec, SecOps, ITSec, and Compliance and apply it towards reading and interpreting architecture,...Full timeLocal area- A leading tech company is seeking experienced cybersecurity professionals to evaluate AI-generated content regarding real-world security threats and defenses. Candidates will have the flexibility of choosing projects and work hours in a fully remote capacity. The ideal...Remote job
$165k - $185k
...winter holidays). About the Role Betterment is hiring a Sr. Security Engineer, Corporate Information Security to be a principal member of... ...environments partnering closely with other Security teams, IT, Legal, Compliance, and the business units we serve. In parallel, you'll...Temporary workFor contractorsSummer holidayWork at officeLocal areaFlexible hours- About Us Turnkey builds secure, developer-first infrastructure for private key management, making it simple to create wallets, sign transactions... .... Role Overview We are hiring a Senior Application Security Engineer to join Turnkey's team and help ensure our systems, pipelines,...Work at office
- # Senior Security Engineer, Offensive SecuritySenior Security Engineer, Offensive Security at Datadog. Here at Datadog, we think about offensive security a little bit differently. We embrace automation and AI to run adversary simulations continuously across a massive cloud...
- A tech consulting firm is looking for a Sr. Infrastructure Security Engineer to develop and enhance security systems across AWS, GCP, and Azure. This remote role requires expertise in cloud security and automation, with responsibilities including architecting security systems...Remote job
$40 per hour
A cybersecurity firm is seeking experienced professionals to evaluate AI-generated security content and solve technical problems. Ideal candidates should have over 2 years in cybersecurity, strong analytical and writing skills, and some coding experience. This is a remote...Remote jobHourly payFlexible hours- EY is seeking a Financial Services Tech Consulting Rule Coding Senior in New York, focusing on investment compliance implementations across OMS platforms like Charles River and Aladdin. This role requires interpreting investment guidelines into compliance rules and validating...
$70k - $100k
...Japanese Bilingual Mid–Senior Network / Security Engineer Client: Japanese IT Company Working Location: New York, NY 10022 Working Style: Hybrid (2–3 days/week onsite) Employment Type: Full-time Salary: $70,000 – $100,000 (DOE) Benefit: Standard benefits...Full timeFor subcontractorRemote workVisa sponsorshipWeekend work2 days per week3 days per week$204k - $240k
...making a rewarding impact and Keeping Commerce Human. Salary Range $204,000.00 - $240,000.00 Role Summary Etsy is seeking a Staff Security Engineer to join our Security Operations team. As part of the larger Security org, this team plays a pivotal role in protecting and...Full timeLocal areaVisa sponsorship$40 per hour
A cybersecurity solutions provider in Canada is seeking experienced cybersecurity professionals to evaluate AI-generated security content and solve technical problems related to cybersecurity. The role offers flexibility, allowing you to work remotely and on your own schedule...Remote jobHourly pay- A tech company is seeking a Compliance Engineer to join their team in New York City. In this role, you will develop solutions to meet global regulatory requirements related to intellectual property, content, and privacy. You will work closely with various teams to design...Work at office
- Langan Engineering & Environmental Services is seeking a Project Environmental Permitting & Compliance Engineer, or Scientist / Project Manager to join its team in New York City and the Greater New York area. The role involves performing multimedia environmental permitting...
- ARRO Consulting is hiring for the position of Environmental Compliance Engineer II, responsible for supporting environmental compliance initiatives and permitting activities. This role requires a bachelor's degree and 3-6 years of relevant experience, with responsibilities...
- ...software delivery while screening for errors and refining usability. Ideal candidates will hold a Bachelor’s degree in Computer Engineering or Information Technology, possess excellent skills in software testing, and have a proactive approach to problem-solving. The position...Remote job
$96.75k - $140k
Langan provides expert land development engineering and environmental consulting services for major developers, renewable energy producers... ...Langan is seeking a Project Environmental Permitting & Compliance Engineer, or Scientist / Project Manager to join its collaborative...Temporary workFor contractorsFor subcontractorWork at officeWorldwideFlexible hours- ...ROLE: NETWORK SECURITY ENGINEER (15+ Years ) CLIENT: DOITT-OTI Brooklyn, NY HYBRID: BROOKLYN, NY (1 Day per week ONSITE / 4... ...needed and identify root causes. 6. Document Network in compliance with OTI standards. 7. As part of any...Remote work1 day per week
- ...standards Review and oversee third party vendors with implementations Secure network systems by enforcing policies and monitoring access... ...planning and audit of deployed network Work with third party engineers on regular basis Work with application project management and...Remote work
- ...Competencies: Network Security - 10+ years experience required! Key responsibilities: - Strategy and policy Develop, implement... ...security policies, procedures, and architecture. Ensure compliance with legal and regulatory requirements. Conduct risk assessments...
- ...VP Network Security Engineer Our client is a global financial services firm located in Jersey City. They are seeking a VP Network Security Engineer to join the team. Seasoned, technical VP-level candidate to be a member of the NJ Network Security Platform Architecture...
- ...Network Security Engineer Atlantic City New Jersey (Onsite) W2 Candidates only Public clearance will be required Bachelor's Degree in Electrical Engineering, Computer Science, Information Technology, or a related engineering field minimum...
- ...Network Security Engineer Job Number: 26-00740 Use your skills where innovative technology solutions begin. ECLARO is looking... ...technical expertise in ForeScout and thrives in a complex, compliance-driven healthcare environment where uptime and patient data...Contract work
$200k - $300k
Security Governance, Risk, and Compliance Lead New York, NY, United States Hudson River Trading (HRT) is seeking a Security Governance, Risk, and Compliance... ...Manage and lead a team of security GRC engineers Perform internal and external security control assessments...Work at officeLocal areaImmediate startWorldwide
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Security & Compliance Engineer. Be the first to apply!
- IT security engineer New York, NY
- sr security engineer New York, NY
- information technology security engineer New York, NY
- endpoint security engineer New York, NY
- application security engineer New York, NY
- staff security engineer New York, NY
- security operations engineer New York, NY
- senior application security engineer New York, NY
- dlp security engineer New York, NY
- security engineering manager New York, NY

