We are hiring a Security & Compliance Engineer to lead StackBlaze toward SOC 2 and keep us there. You will own our compliance program in Vanta, drive the controls behind it, and make security a first-class part of how we build.
This is a hands-on role that spans policy, tooling, and engineering. You will work across the whole company, but spend most of your time close to the platform and infrastructure teams.
What you'll do
- Own the SOC 2 program end to end: scope, controls, evidence collection, and the audit itself.
- Administer Vanta — connect systems, manage monitors, and keep evidence continuously green.
- Write and maintain security policies, and roll out the processes that make them real.
- Partner with engineering on secure defaults, access reviews, vendor reviews, and incident response.
- Respond to customer security questionnaires and support enterprise procurement reviews.
What we're looking for
- 3+ years in security, compliance, or platform engineering with direct SOC 2 experience.
- Hands-on experience running a compliance program in Vanta (or a comparable tool).
- Solid understanding of cloud and Kubernetes security fundamentals.
- Able to translate control requirements into concrete engineering work.
- Clear writer who can own policies and communicate with auditors and customers.
Nice to have
- Experience taking an organization through its first SOC 2 Type II.
- Familiarity with ISO 27001, GDPR, or similar frameworks.
- Background in infrastructure, DevOps, or platform engineering.
Interested in this role?
Send us your CV and a short note on why StackBlaze. We review every application and aim to reply within a few business days.