Lead Security Engineer

🚀 About Compa

Compa is a venture-backed SaaS startup revolutionizing the future of compensation.

In a dynamic job market with hiring challenges, accountability, and the rise of AI, companies need the best data to stay ahead of industry changes, competition, and costs. Compa has developed the premier real-time compensation data platform, delivering top-tier compensation intelligence to leading enterprise teams.

Compa is a compensation intelligence company built to augment enterprise compensation teams in the era of AI.

Our customers include the world’s biggest companies: Apple, NVIDIA, Tesla, Mastercard, T-Mobile, Sanofi, Moderna, Gilead Sciences, and more.

💻 About the role

We’re looking for a lead security engineer to own Compa’s security operations across our products, systems, and operations. This role is a stepping stone to Compa’s Head of Security & Privacy as our company grows.

The best enterprise companies in the world trust us with the data — you will have full ownership to meet and exceed the high bar for data security and data privacy.

Philosophically, Compa sees data security and data privacy as an engineering concern that exists within a regulatory envelope — engineering drives both data security and data privacy, with support from legal.

Core responsibilities of this role:

• Lead the design, development, and implementation of security solutions that protect Compa’s infrastructure, products, and customer data

• Lead internal security operations (including risk assessments, threat detection, incident response, and vulnerability management) and monitor compliance with industry standards and regulations

• Partner with Compa’s Co-founder & CTO to develop security best practices regarding both conventional AI and generative AI

• Own Compa’s SOC2 Type 2 and third-party pen test, OSINT and social engineering tests; including vendor selection and mangement

• Maintain a high level of subject matter expertise in cybersecurity/information security, cloud computing, IT operations, IT risk management, and IT internal audit, as well as supervisory expectations, industry practices, and emerging trends in those areas

• Partner with Compa’s VP, Sales to communicate Compa’s security posture to prospects in procurement

• Partner with Compa’s Director of Marketing to communicate Compa’s security posture to the market

• Drive at least one application security project with influencing/leading/guiding Compa’s Data Products and Data Trust teams through independent execution of security and privacy projects

👋 About you

• 5+ years of relevant IT & Security experience in a high-performing organization

• Expert-level understanding of the SaaS enterprise security regime

• Highly influential spoken and written communication with XFN leaders, technical leaders, and customers

• Track record of securing enterprise systems in production (securing AI systems is nice, not required)

• Experience at a growth-stage startup building products for enterprise

• Experience securing cloud infrastructure (AWS, GCP, Azure, etc.)

• You have an interest in and are excited about the opportunity to grow into a Head of Security & Privacy

• Low ego, with an appetite to build, and employ good judgment in making hard trade-offs with limited resources

• It’s nice (but not required) if you have experience securing probabilistic systems (generative AI, conventional AI, ranking, recommendations, etc.)