COMPLY is the leading global provider of comprehensive regulatory compliance software and solutions for the financial services sector.
The company is seeking a Senior Information Security Engineer with 7–10 years of combined IT and cybersecurity experience.
The ideal candidate will have hands-on experience with securing modern IT, networking, and cloud infrastructure.
Responsibilities include designing, implementing, and maintaining security controls and policies to ensure compliance with SOC 2 and ISO 27001 standards.
The role involves leading the organization’s vulnerability management program and managing the company’s Security Information and Event Management (SIEM) system.
The engineer will investigate suspected security events, deploy and maintain detection tools, and manage the organization’s email spam filter.
The position requires coordination with external auditors for security audits and assessments, as well as leading routine internal audits.
The engineer will develop and refine security policies and contribute to security awareness training efforts.
The role is fully remote and requires a solutions-oriented, self-starter who can work autonomously.
Requirements:
Candidates must have 7–10 years of combined experience in IT and cybersecurity.
A Bachelor’s degree from an accredited institution in Computer Science, Information Security, Information Technology, or a related field is required.
At least one industry certification such as CISSP, CCSP, CASP+, CISM, or GIAC is highly preferred.
Experience supporting security for a B2B SaaS enterprise in a regulated industry is preferred.
The candidate must be proactive, self-driven, and able to work independently in a remote setting.
Excellent collaboration and communication skills with cross-functional and international teams are necessary.
Knowledge of SOC 2, ISO 27001, or similar standards is required, along with experience aligning security programs with these frameworks.
Hands-on experience managing vulnerability management, EDR, and SIEM systems is preferred, particularly with Rapid7, SentinelOne, and Microsoft Defender.
Proficiency with security in cloud and enterprise environments (AWS, Microsoft 365, Azure) is essential.
Experience developing continuous monitoring processes, detection systems, and incident response best practices is required.
Benefits:
The position offers a salary range of $125,000 - $140,000 a year.
Comprehensive medical, dental, and vision insurance at little to no cost starting on day one.
A 401k plan with a company match is available.
Supplemental benefits at a discounted rate, including home, auto, and pet insurance.
Unlimited PTO is provided.
Professional development reimbursements are offered.
Remote opportunities are available for most positions.
The company organizes in-person events such as happy hours and team offsites.