[Remote] Senior Security Engineer I
Note: The job is a remote job and is open to candidates in the USA.

DigitalOcean is a technology company focused on simplifying cloud services, and they are seeking a Senior Security Engineer I to lead the strategic maturation of their compliance framework. The role involves architecting and implementing an Integrated Management System while managing compliance projects and risk assessments to ensure DigitalOcean remains a trusted platform for customers.

Responsibilities
- Architect and lead the implementation of an Integrated Management System (IMS) that harmonizes requirements across multiple ISO standards
- Manage cross-functional projects required to achieve and maintain product-level compliance certifications and/or eligibility for DigitalOcean's core and emerging cloud services
- Lead both annual and ad-hoc risk assessments; maintain a dynamic risk register and drive cross-functional remediation for identified gaps
- Design and implement controls which meet rigorous standards without sacrificing velocity
- Author and maintain enterprise-level security policies, standards, and procedures that reflect current regulatory landscapes, internal risk appetite, and operational engineering realities
- Act as a subject matter expert in GRC on-call rotations, directly address complex customer inquiries, and support incident response activities to ensure compliance obligations are met under pressure

Skills
- 5+ years of experience in GRC, with a proven track record of leading multi-certification and multi-standard compliance programs, preferably at a technology company, where you directly partnered with engineering or infrastructure teams
- Experience building, maturing, and expanding the influence of an ISO program
- Experience in risk identification, various risk assessment methodologies, discerning between appropriate risk responses, and monitoring risk treatment plans
- Comfortable working cross-functionally to interpret ambiguity within new standards (e.g., ISO 42001), regulations, and legislation
- Ability to translate complex legal and regulatory requirements into actionable, testable controls for engineering, product, and IT teams
- Strong project management skills and the ability to manage complex, multi-quarter roadmaps involving dozens of stakeholders
- Relevant industry certifications such as a CRISC or ISO 27001 Lead Implementer
- Familiarity with prominent privacy legislation (e.g., GDPR/CCPA) as it relates to ISO 27701

Benefits
- Reimbursement for relevant conferences, training, and education
- All employees have access to LinkedIn Learning's 10,000+ courses to support their continued growth and development
- Employee Assistance Program
- Local Employee Meetups
- Flexible time off policy
- Bonus in addition to base salary; bonus amounts are determined based on company and individual performance
- Equity compensation to eligible employees, including equity grants upon hire and the option to participate in our Employee Stock Purchase Program

Company Overview
Dice is the go-to career marketplace for tech professionals. It was founded in 2010, and is headquartered in Drachten, Friesland, NLD, with a workforce of 201-500 employees. Its website is https://www.or-quest.nl/.

Company H1B Sponsorship
Dice has a track record of offering H1B sponsorships, with 2 in 2022, 4 in 2021, 5 in 2020. Please note that this does not guarantee sponsorship for this specific role.