Security Compliance Engineer
About The Position
Aqua’s Information Security team is a business enabler, committed to supporting company business by effectively securing daily operations, technology, assets, and employees. As one of company core teams, we are working with the entire organization, interacting closely with all company functions and employees, and actively involved in the dialog with customers.
As Security Compliance Engineer you will be responsible for overseeing and improving security controls, certifications and policies that support the business in all areas: cloud and on-premises. You will execute periodic and implement new corporate compliance, attestation, and certification activities. You will drive implementation and continues improvement of standards and procedures. You will work closely with the company whole to make sure that the compliance and applicable regulation requirements are met.
- Drive and conduct company certifications program, including but not limited to ISO 27001, SOC 2 Type II, FedRAMP, NIST, FIPS
- Maintain existing and introduce new corporate compliance and certifications
- Continues interaction with multiple interfaces within and outside of the organization
- Review and reply to customers inquiries and security questionnaires
- Maintain and update company policies, standards, and practices
- Prepare, document, and update standard operating procedures and protocols
- Conduct vulnerability scans and penetration tests
- Conduct periodic access and configuration reviews
- Recommend and implement security enhancements and improvements
- Assist in educating staff members on information security through training and awareness
- Support overall corporate security program
The ideal candidate will have excellent technical and communications skills and be able to translate business requirements to compliance recommendations, policies, standards, and procedures. The one should be able to identify risks and propose mitigations; has an ability to read and update security documentation, such as policies, procedures, customer queries. This person can multi-task, is self-motivated and a team player; is highly organized with high energy level and a can-do attitude. Required skills include:
- 3 years’ experience as Security Compliance Engineer or similar position, working with cloud and on-premises products and services
- Experience in implementing and maintaining of regulatory compliance and adhere to framework requirements such as SOC 2 Type II, ISO 27001, FedRAMP, NIST, GDPR, etc.
- Ability to read, review and update security and compliance documentation
- Excellent communication and organizational skills
- Experience with cloud, on-premises and hybrid security methodologies and principles
- SaaS, serverless and container experience – major advantage
- Thorough understanding of potential and emerging information security threats, vulnerabilities, and control techniques.
- Problem-solving skills and ability to work in demanding situations
- Familiarity with cloud computing environments (AWS, Azure, and Google Cloud)
- Language requirements: English, Hebrew
AND NOW, A LITTLE ABOUT AQUA:
Aqua Security helps enterprises secure their cloud-native applications from development to production, whether they run using containers, serverless, or virtual machines. Aqua bridges the gap between DevOps and security, promoting business agility and accelerating digital transformation.
- Total of $265M in VC funding
- More than 400 enterprise customers across the globe
- Strategic partnerships with the major cloud-native platform providers and public cloud providers
- At the forefront of open-source cloud-native solutions and primary cybersecurity research
If you’re ready to do your best, now is the perfect time to join Aqua! We are a global late stage start up, but still small enough for you to make a big impact. We have dedicated employees around the globe. And aside from being in a hot cloud security industry, we love to have fun! Aqua also offers competitive comp and benefits, great company culture, amazing colleagues, international travel and lots more!