Security Compliance Engineer

Note: This is a remote-only role. As long as you have a stable internet connection, you can work from anywhere in the world. We do meet up if you are in Delhi NCR or on our company trips. Have you ever ordered with Swiggy or BigBasket? Or booked a ticket on BookMyShow? Or have you bought a product from Nykaa? Then, you've already interacted with ImageKit. ImageKit is a SaaS product that streamlines images and videos for companies of all sizes across the globe. Over 250,000 developers and 2000+ companies across 80+ countries use ImageKit to store, manage, and deliver optimized images and videos on websites and apps. ImageKit is journeying to revolutionize media delivery, management, and automation space. And we are looking for people like you to join us on this journey. Want to know more about our company? - Founder’s blog on funding and future plans - - Startup Journey and future plans on Yourstory - - Future Growth Plans covered on CNBC TV18 - - Glassdoor Reviews - - Company Page - (feel free to reach out to one of our existing employees to know more about how we work) Background about ImageKit relevant to this role We are seeking a Security Compliance Engineer with DevOps experience to enhance our Engineering team. This role combines security, compliance, and DevOps to ensure our technology infrastructure is secure, compliant, and efficiently managed. The ideal candidate will be adept at using cloud technologies, particularly AWS, and have experience with infrastructure as code, specifically Terraform Key responsibilities - Implement security measures and compliance controls within our backend systems, focusing on cloud environments like AWS and enterprise security. - Collaborate with the compliance/security team to adopt new compliance standards, integrate them with existing security solutions and collect evidence for external audits. - Enhance data protection, conduct risk assessments, and ensure systems comply with standards like GDPR, SOC2, or ISO. - Ensure controls are configured correctly and integrated into the security strategy - Identify and mitigate vulnerabilities, ensuring both security and compliance across systems. - Stay updated on security technologies and compliance regulations, applying this knowledge to improve our infrastructure. - Works with the engineering team to build secure and compliant software development practices. - Manage application patching and update AWS configurations using Terraform to maintain system integrity and performance. - Work with the team to conduct regular audits to ensure compliance with internal policies and procedures, relevant security standards best practices, regulations and client requirements to identify gaps and provide remediation solutions Qualifications Basic Qualifications - Bachelor’s degree in Computer Science, Information Systems, Security or a related field. - 2+ years of experience within a security and compliance function - Experience with vulnerability management tooling, remediation, and processes - Experience with Docker, Terraform, AWS - Understanding of concepts related to Systems Engineering/DevOps, IaC, IAM, network security, systems security, cryptography - Understanding of compliance frameworks (e.g., GDPR, SOC2, ISO) and security best practices. - Strong expertise in cloud security and compliance, particularly with AWS. Preferred Qualifications - Have a wide understanding of cybersecurity and data protection frameworks such as ISO 27001, NIST, SOC2, PCI-DSS, GDPR, CCPA. - Experience developing and maintaining policies, procedures, standards, and guidelines to align with company’s strategy and best practices - Experience with automated compliance and security monitoring tools. - Knowledge of AI Models and secure, compliant integration. - Ability to work effectively in fast-paced and dynamic environments. - Excellent communication skills for technical and regulatory collaboration. - Enterprise security experience is a plus What we offer for this role 1. An excellent compensation, for sure, with lucrative sales commissions. 2. Clear path to promotion into Account Executive and beyond. 3. You work with a very hardworking and responsible remote team. We take our work seriously, and also our off-sites (the last ones were in Phuket, Udaipur, Goa, Corbett, Bali, and Mussoorie. Don't miss out on the next :)) 4. We take care of your and your family's health insurance. 5. Help you with funds to set up your workspace at your home or take up a co-working space. 6. A learning and wellness fund to pursue any professional course and any hobbies outside of work (Gym, bartending, sports, and dancing are some hobbies that our team members have pursued). 7. No questions asked leave policy. We trust you to get the work done. 8. Flexible working hours and flexible work locations. As long as you have a stable internet connection, you can work from anywhere in the world.