Security & Compliance Engineer

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Security & Compliance Engineer based in United States.

This role is a hands-on opportunity to strengthen the security and compliance posture of modern hybrid environments spanning AWS and Linux-based on-prem infrastructure. You will work at the intersection of security operations, engineering, and compliance, translating findings into actionable remediation and long-term improvements. The position involves close collaboration with infrastructure, platform, and software teams to ensure secure configurations, effective monitoring, and strong access controls. You will play a key role in managing vulnerabilities, supporting audits, and maintaining alignment with regulatory frameworks. The environment is fast-moving and technically deep, requiring both operational discipline and practical problem-solving. It is well-suited for someone who enjoys ownership of security issues from detection through resolution and values measurable impact across systems and teams.

Accountabilities:

Support and strengthen the security posture across cloud and on-prem systems while ensuring issues are effectively tracked and resolved.

• Review and triage vulnerability findings from scanners, penetration tests, and security assessments, driving remediation to closure.
• Collaborate with engineering and infrastructure teams on secure configurations, identity and access management, logging, monitoring, and incident readiness.
• Support compliance activities and audits including GovRAMP, FedRAMP, PCI DSS, SOC, and internal control assessments.
• Operate AWS security tools and services to support detection, monitoring, and enforcement of security controls.
• Maintain clear, accurate documentation, procedures, and control evidence aligned with operational and regulatory expectations.

Requirements:

The ideal candidate brings strong hands-on security experience across infrastructure, cloud, and compliance-driven environments, with the ability to execute and communicate effectively.

• 3+ years of experience in security engineering, security operations, infrastructure security, or compliance-focused security roles.
• Strong hands-on experience with Linux systems in production environments and securing Linux-based infrastructure.
• Practical experience securing AWS environments using services such as IAM, CloudTrail, GuardDuty, Security Hub, Config, Inspector, and KMS.
• Solid understanding of vulnerability management, configuration management, logging, monitoring, access control, and incident response practices.
• Proficiency in scripting or automation using Python, Bash, PowerShell, or similar tools.
• Strong communication skills with the ability to coordinate remediation efforts across multiple technical teams.
• Experience in regulated environments (GovRAMP, FedRAMP, PCI DSS, SOC) is a plus.
• Familiarity with POA&M tracking, security assessments, and remediation workflows is advantageous.
• Exposure to security tooling, alert triage, or compliance-driven documentation processes is beneficial.
• Comfort using AI-assisted tools responsibly for investigation, reporting, and workflow optimization.

Benefits:

• Salary range: $100,000 – $160,000/year
• Opportunity to work in a hybrid cloud (AWS) and on-prem technical environment
• Exposure to regulated frameworks and enterprise-grade compliance programs
• Minimal travel requirement (approximately 2–3 weeks per year)
• Collaborative, tool-driven engineering culture focused on ownership and impact
• Strong emphasis on professional growth and cross-functional collaboration
• Access to modern security and observability tooling

How Jobgether works: We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team. We appreciate your interest and wish you the best!  Why Apply Through Jobgether?    Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.     #LI-CL1