Senior Security and Compliance Engineer

Who We Are

KeepTruckin builds technology using the latest advancements in AI and computer vision to improve the safety and efficiency of businesses with vehicles. Over one million drivers and 100,000 companies across every industry trust KeepTruckin’s integrated platform to power their operations, prevent accidents and reduce costs.

Want more jobs like this?GetSoftware EngineeringjobsinSan Francisco, CAdelivered to your inbox every week.

Want more jobs like this?

GetSoftware EngineeringjobsinSan Francisco, CAdelivered to your inbox every week.

Get Jobs

About the Role:The Senior Security and Compliance Engineer, a thought leader residing within our security organization, is responsible for implementing and maintaining the compliance management framework and program. This position will be part of a team of security experts and work with technology and legal partners and business units to meet our global security compliance needs.The ideal candidate should have extensive experience in developing, deploying, and maturing compliance management frameworks and programs, a deep understanding of general security technologies and best practices, and knowledge of global data privacy laws and regulations. This role must collaborate effectively with development, engineering, and operations counterparts as well as internal and external partners to assess, report, and maintain compliance against applicable security industry standards and regulatory requirements.What You’ll Do:Promote, drive & track adoption of centralized security and compliance services across the companyPartner with KT development teams to help them understand their security and compliance requirements, document onboarding procedures, and make it easy for them to adopt security and compliance servicesImplement and support the deployment of new security technologies, both software and hardware, across the company including both cloud security and IoT security solutions for the protection of the organization based on the latest threatsDrive and track the overall work across KT Platform to close open vulnerabilities, security defects, and compliance failuresLead internal and 3rd party audits to ensure successful, high-quality, on-time auditsEngage with development teams and internal/external auditors as required during an audit to facilitate audit interviews, help gather audit evidence, and remediate any audit findingsPartner with development teams to help inform the product roadmap and provide user feedback that will be used to improve security and compliance servicesWhat We’re Looking For:A minimum experience of 3 years developing security tooling, automation, and integrations.A minimum of 2 years of experience in cloud security and application security.A minimum of 2 years of experience in information security compliance and assurance, including compliance assessment, audit, controls monitoring, and compliance metricsPossess a bachelor’s degree or higher in the field of information security, engineering, computer science, or equivalent advanced technology field of studyKnowledge of security and data privacy standards, regulations, and guidelines such as ISO 27k, SOC 2, PCI DSS, NIST, CIS, GDPR, CCPAExperience developing and deploying compliance management frameworks and programs, preferably with international experience in e-commerce or technology-related industryFamiliarity with fully automated controls, control testing automation, Compliance-as-Code (CaC), Infrastructure-as-Code (IaC), and DevSecOps.2+ years of experience assessing and analyzing the operations, processes, and procedures of various business units as it relates to security controls.

About the Role:

The Senior Security and Compliance Engineer, a thought leader residing within our security organization, is responsible for implementing and maintaining the compliance management framework and program. This position will be part of a team of security experts and work with technology and legal partners and business units to meet our global security compliance needs.

The ideal candidate should have extensive experience in developing, deploying, and maturing compliance management frameworks and programs, a deep understanding of general security technologies and best practices, and knowledge of global data privacy laws and regulations. This role must collaborate effectively with development, engineering, and operations counterparts as well as internal and external partners to assess, report, and maintain compliance against applicable security industry standards and regulatory requirements.

What You’ll Do:

What We’re Looking For: