This is a fully remote position, open to applicants in United States.

• Lead initiatives for ISO 27001 certification and SOC 2 Type II attestation from start to finish.

• Develop and enhance NetBrain’s Governance, Risk & Compliance (GRC) program.

• Convert compliance framework requirements into actionable, scalable security policies and standards.

• Establish and uphold standards for Identity & Access Management (IAM).

• Deploy and oversee SIEM platforms for centralized security oversight.

• Manage the entire vulnerability management lifecycle.

• Create and maintain incident response strategies.

• Assess and manage risks associated with third-party vendors.

• Design and implement security awareness training initiatives.

• Act as the trusted security subject matter expert across various business units.

• Over 8 years of experience in information security, cybersecurity engineering, or a GRC-centric security position.

• Practical experience in leading or assisting ISO 27001 and/or SOC 2 audit and certification processes.

• Previous experience in a B2B SaaS environment with responsibilities in both product security and corporate IT security.

• Solid understanding of compliance frameworks, including ISO 27001, SOC 2, and NIST CSF.

• Familiarity with GRC platforms and security tools (SIEM, vulnerability scanners, IAM solutions, EDR).

• Professional certifications such as CISSP, CISM, CISA, or equivalent are highly preferred.

• Bachelor’s degree in Computer Science, Information Security, or a related discipline (or equivalent experience).

• 401k

• Medical/Dental coverage

• Comprehensive benefits package

Senior IT Security Engineer

People also viewed