Remote Founding Security Engineer – Governance, Risk & Compliance (GRC)

Description:

• Sift is redefining how modern machines are built, tested, and operated, providing engineers with real-time observability over high-frequency telemetry.
• The company was founded by a team from SpaceX, Google, and Palantir, focusing on mission-critical systems where precision and scalability are essential.
• The founding Security & Compliance Engineer will define the security posture, architecture, and practices for Sift's products and infrastructure.
• This role involves both hands-on and strategic responsibilities, including building controls, automating compliance, and collaborating with customers, auditors, and internal teams.
• The Security & Compliance Engineer will own Sift’s security posture end-to-end, blending technical security engineering with governance, risk, and compliance leadership.
• This position is high-visibility and high-ownership, as the first security hire, laying the foundation for the security program as the company scales.

Requirements:

• Candidates must have 5+ years of experience in cybersecurity, product security, or cloud security roles, ideally in high assurance or regulated industries.
• Hands-on experience securing AWS or an equivalent cloud service provider (GovCloud preferred) and Kubernetes-based environments is required, along with strong infrastructure as code practices.
• A proven track record in leading or supporting compliance initiatives such as SOC 2, NIST 800-171, CMMC, FedRAMP, or ISO 27001 is essential.
• Candidates should possess a deep understanding of network, endpoint, and identity security principles.
• Experience with security tooling and integration into operational workflows is necessary.
• The ability to translate compliance requirements into clear, actionable engineering work is required.
• Experience managing third-party/vendor risk and conducting customer-facing security reviews is essential.
• Strong communication skills with both technical and non-technical stakeholders are necessary.
• A customer-facing presence for audits and enterprise assurance is required.
• Candidates should be collaborative partners to infrastructure and product teams, demonstrating high ownership and adaptability in fast-moving environments.
• Integrity and trustworthiness in handling sensitive data and compliance matters are essential.
• Candidates should be excited to operate as a team of one initially, with the vision to build and lead a security function over time.

Benefits:

• The salary range for this position is $170,000 - $220,000 per year, plus equity and benefits.
• Sift offers a collaborative work environment, meeting in person twice a week and for a full week every two months.
• The company is open to relocating candidates to Los Angeles or considering remote work from the San Francisco area for the right candidate.
• Eligibility requires being a U.S. Citizen or Green Card Holder due to ITAR and EAR compliance requirements.