CrawlJobs Logo

Compliance Security Engineer

United States, East Hartford · Job Posted April 16, 2026
Apply Position
Job Link Share

Job Description

We are looking for a Compliance Security Engineer to join a growing team. You must have experience consulting multiple organizations and teams. Experience with government consulting is a major plus. You must be a US Citizen as you'll be working on some government contracts.

Job Responsibility

  • Guide clients through achieving and maintaining compliance with frameworks such as CMMC and NIST SP 800-171
  • Conduct gap assessments and develop Plans of Action & Milestones (POA&M)
  • Support audit readiness through evidence collection, documentation, and reporting
  • Maintain accurate records within the organization’s Governance, Risk, and Compliance (GRC) platform
  • Perform vulnerability assessments, risk analyses, and security configuration reviews
  • Configure and manage security tools such as EDR, SIEM, MFA, firewalls, and VPN solutions
  • Develop and maintain secure configuration baselines and automation for scalable deployments
  • Participate in incident response activities, including investigation, containment, and remediation
  • Create and update incident response playbooks and procedures
  • Contribute to continuous improvement of incident response capabilities
  • Develop and maintain security policies, standards, and procedures aligned with compliance frameworks
  • Create documentation tailored to individual environments and regulatory requirements
  • Communicate effectively with both technical and non-technical stakeholders
  • Lead or support stakeholder meetings related to compliance, risk, and incident response

Requirements

  • Working knowledge of cybersecurity frameworks (CMMC and NIST preferred)
  • Strong understanding of network infrastructure, systems, and security technologies
  • Experience securing cloud environments (AWS, Azure / 365, or GCP)
  • Proven troubleshooting and analytical skills in high-pressure environments
  • Strong written and verbal communication skills
  • Ability to manage multiple projects and priorities
  • 4+ years of experience in compliance, cybersecurity, or security engineering
  • Experience supporting CMMC and/or NIST 800-171 compliance frameworks
  • Bachelor’s degree in Cybersecurity or equivalent experience
  • Must be a US Citizen
  • Experience with government consulting is a major plus

What we offer

  • medical, vision, dental, and life and disability insurance
  • eligible to enroll in our company 401(k) plan
  • free online training

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Compliance Security Engineer

8 matching positions

Sr Security Compliance Engineer

Apex Systems is looking for a Sr Security Compliance Engineer who excels in thei...
Location
Location
United States , Tampa; Dallas
Salary
Salary:
80.00 - 85.00 USD / Hour
apexsystems.com Logo
Apex Systems
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10 years risk assessment background
  • Sr level with NIST guidelines and compliance
  • Security focus points like: access control, prompt logging
  • Google SecOps
Job Responsibility
Job Responsibility
  • Infrastructure component analysis and architectural design reviews
  • Review first-line solutions for compliance with NIST-aligned control standards and security requirements
  • Assess architecture and technical designs, identifying gaps, risks, and non-compliance with security best practices
  • Recommend and drive remediation actions to align solutions with security, regulatory, and operational requirements
  • Create, maintain, and govern enterprise security baselines and hardening standards
  • Establish configuration standards based on industry frameworks, vendor guidance, and organizational security policies
  • Support secure-by-design principles and provide security architecture guidance throughout the solution lifecycle
What we offer
What we offer
  • medical
  • dental
  • vision
  • life
  • disability
  • insurance plans
  • ESPP (employee stock purchase program)
  • 401K program with company match after 12 months
  • HSA (Health Savings Account on HDHP plan)
  • SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions
Read More
Arrow Right

QA Engineer – Security, Compliance & Automation

We are looking for a QA Engineer specializing in security, compliance, and autom...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
Codvo AI
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in QA or Test Automation for enterprise applications
  • Strong knowledge of C#, .NET, Angular, or Java-based testing frameworks
  • Experience with Selenium, Playwright, Postman, JMeter, or Robot Framework
  • Hands-on experience with SAST/SCA tools (SonarQube, Snyk, Checkmarx, or similar)
  • Familiarity with secure SDLC, OWASP Top 10, and DevSecOps pipelines
  • Working knowledge of compliance frameworks (CRA, SOC 2, ISO 27001)
  • Strong analytical, debugging, and documentation skills
Job Responsibility
Job Responsibility
  • Design and implement automated test frameworks for secure SDLC validation (unit, integration, functional, and regression)
  • Conduct compliance-driven testing aligned with EU CRA, NIS2, and ISO 27001
  • Build and maintain security and compliance test suites in CI/CD pipelines (e.g., GitHub Actions, Jenkins, Azure DevOps)
  • Execute vulnerability validation, SBOM verification, and dependency testing using SCA/SAST/DAST tools
  • Collaborate with developers to triage and validate remediation fixes for security and compliance findings
  • Generate audit-ready QA documentation for regulatory assessments
  • Support performance, reliability, and failover testing in security-critical systems
  • Fulltime
Read More
Arrow Right

Senior IT Security Compliance Engineer

The Senior IT Security Compliance Engineer is responsible for developing, mainta...
Location
Location
Egypt , Cairo
Salary
Salary:
Not provided
arrow.com Logo
Arrow Electronics
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong knowledge of information security principles, risk management, and compliance frameworks, with a solid understanding of ISO 27001 requirements and controls
  • Hands-on experience supporting audits and compliance programs for frameworks such as ISO 27001, SOC 2, CMMC, NIST, or similar
  • GRC-related certification (e.g., CISSP, CISA, CRISC, ISO 27001 Lead Implementer/Lead Auditor) is preferred
  • Experience working in SaaS or technology-driven environments is highly desirable
  • Familiarity with cloud computing platforms and cloud security principles
  • Excellent written and verbal communication skills, with proven ability to produce clear, high-quality security documentation and reports
  • Minimum of 5 years of professional experience in cybersecurity, information security, or compliance-related roles
  • Bachelor’s degree in Computer Engineering, Computer Science, Information Security, or a related field
Job Responsibility
Job Responsibility
  • Develop, review, and maintain IT security policies, standards, procedures, and guidelines in alignment with industry best practices and regulatory requirements
  • Lead and coordinate compliance initiatives for security frameworks and standards, including but not limited to ISO 27001, SOC 2, CMMC, NIST, and internal security assessments
  • Manage audit readiness activities, including documentation preparation, evidence collection, stakeholder coordination, and remediation tracking for internal and external audits
  • Respond to customer and partner security questionnaires, ensuring accurate, consistent, and timely responses
  • Conduct periodic security and risk assessments to evaluate the effectiveness of security controls and identify improvement opportunities
  • Track, manage, and follow up on vulnerability remediation efforts in collaboration with IT, engineering, and operations teams
  • Prepare and deliver security metrics, compliance reports, and executive-level summaries
  • Provide security awareness, training, and education to employees to promote a strong security culture across the organization
  • Support continuous improvement of governance, risk, and compliance (GRC) processes and tooling
  • Fulltime
Read More
Arrow Right

Senior Backend Engineer (Security Compliance)

Join a high-autonomy team as a senior contractor architecting the next generatio...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
https://www.randstad.com Logo
Randstad
Expiration Date
July 28, 2026
Flip Icon
Requirements
Requirements
  • Java
  • Spring Boot
  • GCP
  • GKE
  • gRPC
  • GraphQL
  • REST
  • PostgreSQL
  • BigQuery
  • Cloud SQL
Job Responsibility
Job Responsibility
  • Architect & Build: Develop Java-based backend services (Spring Boot, Apollo) to enforce compliance controls within a GitHub Enterprise environment.
  • Fulltime
Read More
Arrow Right

Cloud Security Compliance Engineer - VOIS

We are seeking a Cloud Security Compliance Engineer to define, build and operate...
Location
Location
India , Pune
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • An experienced cloud security practitioner with hands‑on knowledge of AWS, Azure, GCP and OCI environments
  • Skilled in cloud security principles, configuration standards and industry benchmarks
  • Comfortable working in DevOps or DevSecOps environments with strong automation and scripting capability
  • Confident in engaging with technical and non‑technical stakeholders, including presenting risk and compliance insights at management level
  • Experienced with operating systems, networking, cloud-native security services and third‑party compliance or workload protection tools
Job Responsibility
Job Responsibility
  • Define, implement and operate a continuous cloud compliance service using in‑house, commercial and open‑source tools
  • Manage the service roadmap from minimum viable capability to mature operations, including automated remediation
  • Maintain and evolve minimum configuration standards for IaaS and PaaS environments aligned to industry benchmarks and internal policies
  • Partner closely with cloud account owners to reduce security risk and improve compliance outcomes across platforms
  • Design and manage identity and access controls for cloud compliance tooling
  • Integrate cloud compliance services with wider security capabilities such as vulnerability management, threat intelligence and incident response
  • Tune compliance policies to reflect global standards, regulatory expectations and evolving risk profiles
  • Support operational activities including reporting, incident escalation, remediation tracking and management dashboards
  • Develop reusable templates, patterns and guidance to support local markets and group entities
  • Extend cloud security operations into adjacent areas such as automated remediation, workload protection, DevSecOps tooling, container security and perimeter controls
  • Fulltime
Read More
Arrow Right

Senior Security & Compliance Engineer - eLxr

We are seeking a highly skilled Security & Compliance Engineer to lead security ...
Location
Location
United States , Greater Austin, TX
Salary
Salary:
Not provided
aptiv.com Logo
Aptiv plc
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor degree in Computer Science, Cybersecurity, or related field (or equivalent experience)
  • 5+ years of experience in Linux security engineering, preferably with Debian or derivatives
  • Strong knowledge of compliance frameworks (FIPS, STIG, CIS) and SDL practices
  • Hands-on experience with secure boot, encryption tools, and vulnerability management
  • Proficiency in CI/CD security, image generation, and OS installer processes
  • Familiarity with CVE tracking, patching baselines, and audit readiness
  • Excellent problem-solving and communication skills
  • Must reside in Greater Austin, TX area with ability to be present on site
  • United States Citizenship required
Job Responsibility
Job Responsibility
  • Drive adherence to FIPS, STIG, CIS benchmarks, and Secure Development Lifecycle (SDL) practices
  • Manage encryption tools (e.g., OpenSSL and related libraries) and ensure cryptographic compliance
  • Security & Compliance: Implement and maintain segmentation, secrets management, certificate lifecycle processes, and least privilege access controls
  • Ensure audit readiness and compliance with industry standards
  • Image & Installer Management: Oversee generation of OS images (.iso, qcow2, container images) and maintain secure OS installer workflows
  • CI/CD & Backend Systems: Secure CI pipelines and entitlement backend systems, ensuring integrity and compliance throughout build and deployment processes
  • Vulnerability Management: Monitor CVEs, manage vulnerability remediation, and coordinate timely patching and fixes
  • Secure Boot & Encryption: Implement and maintain secure boot processes
  • Security Testing: Develop and execute security testing strategies, including regression and final build validation
  • Web Properties & Portals: Ensure security and compliance across all sites (.org, .pro, .dev) and entitlement portals
What we offer
What we offer
  • Hybrid work model for workplace flexibility
  • Comprehensive health, dental, and life insurance
  • Short and long-term disability coverage
  • RRSP matching for financial security
  • Flexible time-off policies for work-life balance
  • Employee assistance program for mental well-being
  • Learning benefits, including a LinkedIn Learning subscription and seminars
  • Fulltime
Read More
Arrow Right

Senior Software Engineer – C#/.NET, Angular, Security & Compliance

We are seeking a seasoned Senior Software Engineer with deep expertise in C#/.NE...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
Codvo AI
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong hands-on experience in C#/.NET (Framework and Core) and Angular (v8+)
  • Exposure to SOA and microservices architecture in recent implementations
  • Familiarity with OWASP Top 10 and secure coding practices
  • Experience working with legacy codebases and refactoring strategies
  • Knowledge of Black Duck or similar software composition analysis tools
  • Experience integrating third-party connectors in enterprise environments
  • Understanding of secure data processing, input validation, output encoding, and JWT management
  • Excellent debugging and problem-solving skills
Job Responsibility
Job Responsibility
  • Maintain and enhance legacy applications built on C#/.NET with Angular front-end components
  • Implement bug fixes and security patches identified through compliance testing and tools like Black Duck
  • Apply OWASP best practices to secure service-oriented architectures (SOA) and modern microservices
  • Collaborate with external vendors to integrate and maintain third-party connectors
  • Conduct code reviews and ensure adherence to secure coding standards
  • Participate in secure SDLC activities including threat modeling, static analysis, and test-driven security
  • Document technical changes and maintain traceability for compliance audits
  • Fulltime
Read More
Arrow Right

Senior Security Engineer – Medical Device Cybersecurity & Compliance

Job Description: Senior Security Engineer – Medical Device Cybersecurity & Compl...
Location
Location
India , Ahmedabad
Salary
Salary:
Not provided
arrow.com Logo
Arrow Electronics
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 6 years of experience in cybersecurity
  • At least 3 years focused on medical devices, embedded systems, or IoT security
  • Proven track record in authoring security design, defining technical requirements, and documenting security architectures aligned with regulatory needs
  • Hands-on experience in embedded system security including secure boot, firmware security, threat modeling techniques (e.g., STRIDE, DREAD), and product-level risk assessments
  • Strong understanding of IEC 81001-5-1, IEC 60601-4-5, AAMI TIR 57, and AAMI TIR 97
  • Working knowledge of the medical device product development lifecycle and quality standards like ISO 14971
  • Demonstrated expertise in vulnerability management and penetration testing of connected products across device and cloud ecosystems
  • Excellent problem-solving skills, critical thinking, and ability to lead gap analysis and remediation activities in regulated environments
  • Strong collaboration skills with the ability to influence cross-functional teams including R&D, compliance, and product management
Job Responsibility
Job Responsibility
  • Drive end-to-end cybersecurity integration across the medical device product development life cycle
  • Develop and maintain cybersecurity for medical products, including security requirements specifications, risk assessments, threat models, and product security architecture documentation
  • Conduct thorough gap assessments to evaluate compliance with IEC 81001-5-1, IEC 60601-4-5, AAMI TIR 57, and AAMI TIR 97 standards, and implement remediation measures
  • Perform hands-on vulnerability assessments, penetration testing, and secure code reviews of embedded devices, IoMT components, and connected systems
  • Collaborate closely with development, compliance, and regulatory teams to ensure product security measures meet both internal security policies and external regulatory expectations
  • Support SBOM management, software supply chain risk evaluations, and third-party component analysis
  • Provide expert input on secure communication protocols, encryption standards, data protection for both at-rest and in-transit data, and cloud-based connectivity of medical systems
  • Assist in developing incident response strategies
  • Contribute to the continuous enhancement of internal secure development processes, tools, and methodologies, while championing security best practices within product teams
  • Fulltime
Read More
Arrow Right