Senior Security & Compliance Engineer
Вакансия из Hirify Global, списка международных tech-компанийДля мэтча и отклика нужен Plus
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
Senior Security & Compliance Engineer (Security/Compliance): Drives security hardening and compliance certification readiness for a CSR platform with an accent on SOC certification, GDPR compliance, and data residency architecture. Focus on implementing security controls, configuring infrastructure, and automating evidence collection for various security and compliance certifications.
Location: Wroclaw, Poland
Company
is a purpose-driven software company focused on the social impact sector, building innovative SaaS solutions that empower nonprofits, donors, and communities.
What you will do
- Implement and automate controls for SOC 1 Type II and SOC 2 Type II certification readiness.
- Develop GDPR cross-border data transfer safeguards and data subject rights APIs.
- Design and implement data residency controls for multi-region expansion.
- Configure Auth0 tenant federation, SSO (SAML 2.0, OIDC), and SCIM-based user provisioning.
- Enforce role-based and attribute-based access control in API middleware.
- Establish audit logging with tamper protection and compliance for 7-year retention.
Requirements
- Expert use of AI-assisted development tools (Copilot, Claude, Cursor, or equivalent).
- Strong experience with Auth0 administration and integration (OAuth2, OIDC, SAML 2.0).
- Practical implementation of SOC 2 Type II controls and GDPR technical compliance.
- Proficiency in AWS security services (IAM, KMS, Secrets Manager, CloudWatch, VPC).
- Hands-on experience with TypeScript / Node.js for security middleware and API enforcement.
- Experience with Aurora PostgreSQL for advanced security features (field-level encryption, row-level security).
Nice to have
- SOC 1 Type II experience.
- PCI DSS (SAQ-A or higher) experience.
- Data residency architecture for multi-region SaaS.
- ISO 27001 familiarity.
Culture & Benefits
- Paid vacation and sick days.
- Sport/insurance compensation.
- English classes and training compensation.
- Opportunity to participate in charity initiatives.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →
Текст вакансии взят без изменений
Похожие вакансии
Lead Cyber Security Analyst
Cloud Application Security Engineer
Cyber Security Specialist (Zero Trust)
IT Security Expert (Microsoft Security)
Security Engineer (Cloud & Endpoint)