Security Compliance Engineer

About us:

Chief is changing the face of leadership. Our mission: build the most powerful network focused on connecting and supporting women leaders. Our members are VP and C-level executives across every industry who are leading their companies today and building a more equitable tomorrow. Chief was recently recognized as one of Fast Company's Most Innovative Companies of 2021, and you can read more about us in Forbes or watch us on the Today Show.

Launched in early 2019, Chief is a Series B stage start-up backed by General Catalyst, Inspired Capital, Primary Ventures, CapitalG, and other top-tier investors. The Chief network includes 12,000 members from across the United States. We are headquartered in New York City with additional Flagship spaces in Los Angeles, Chicago, and, soon, San Francisco.

We are tech-powered. Our members make meaningful connections, engage in compelling discussions, and view our unique content through our digital platform. Our Product and Technology teams are building the future of that platform, with data and insights at its heart.

About the Role:  

We are looking for a Security Compliance Engineer to design security controls and help validate that our services, applications, and data warehouse are designed and implemented to the highest security standards. You will be responsible for analyzing the security of applications and services, discovering and addressing security issues, building security automation, and decisively taking action to mitigate emerging threats throughout a full secure development life-cycle.

You will work embedded in the DevOps team to help secure our existing infrastructure and provide additional security and auditability where possible. This role will be responsible for documenting and educating the organization at large in secure development methodologies and assist with the organization's effort to “shift left” with our security efforts. Additionally you will help coordinate and conduct any external audits required to help us achieve our security objectives.

What you’ll do: 

• Planning, implementing, managing, monitoring, and upgrading security measures for the protection of the organization's data, systems, and networks.
• Troubleshooting security and network problems.
• Responding to all system and/or network security breaches.
• Draft and implement handbook pages, procedures and runbooks related to security compliance
• Direct external audits
• Design requirements for security compliance automation tasks
• Identify manual security compliance controls that can be improved through automation
• Work with IT to implement proper RBAC across our Cloud and SaaS infrastructure

What you’ve done and enjoy doing:

• Security engineering experience
• Experience with Infrastructure as Code tooling such as Hashicorp Terraform or AWS Cloudformation
• Proven experience writing executive-level communications and reports
• Detailed understanding of how compliance works with cloud-native technology stacks deployed on
  • Amazon Web Services / AWS
  • Google Compute Platform / GCP
• Experience with security control frameworks (e.g. SOC 2, ISO, NIST, COSO, COBIT, etc.)
• Experience with GDPR and CCPA

Why You'll Want to Work Here:

• Competitive salary and equity
• Flexible vacation policy
• Full medical, dental, and vision packages, 401(k)
• Experience as an early member of a startup team with exciting early traction
• Opportunity to work for a startup focused on driving real change for women in business
• Opportunity to create and attend inspiring experiences and events with leaders of the industry
• Access to our ongoing virtual Chief member exclusive content, including workshops, thought leadership, and iconic speakers
• Wellness, Work from home and Learning Stipends

#LI-Remote