
Security & Compliance Engineer (Remote)

Job Description
About Us:
We are a fast-growing company building technology for airlines and corporate travel. Our services run in AWS and leverage modern cloud architecture to provide highly available, scalable, secure, and compliant services for some of the largest travel providers in the world. We are SOC 2 and PCI compliant, and our applications are built using Java/React as well as other languages/frameworks, with a variety of AWS-managed services at the core of our architecture.
We are looking for humble leaders who lead by example through teamwork and collaboration. The ideal candidate must have excellent listening and communication skills and be capable of diagramming and documenting solutions and process/data flows.
Key Responsibilities:
- Manage PCI DSS 4.0.1 and SOC 2 Type 2 compliance programs, ensuring continuous adherence to regulatory standards.
- Manage Privacy by Design and NIST 800-53 security programs and risk analysis, Data Protection Impact Assessments, Vendor Risk Management, and Hardware/Software Inventory.
- Own AWS security best practices, including AWS Config, Security Hub, and IAM; establish and monitor encryption practices and secure cloud configurations.
- Conduct risk assessments, vulnerability management, and security audits.
- Implement and enforce security policies across development and production environments, as well as Endpoint and Mobile Device Management (EDM and MDM).
- Respond to security incidents, leading investigation, recovery, and mitigation efforts.
- Automate security processes, access management, and compliance reporting.
- Collaborate with development and DevOps teams to embed security into the development lifecycle and CI/CD pipelines.
- Train and educate teams on secure software development practices, policy, and compliance requirements.
Leadership and Collaboration:
- Act as a subject matter expert on cloud security, compliance, and risk management.
- Work closely with engineering, DevOps, and leadership teams to align security initiatives with business goals.
- Define security architecture and governance frameworks for cloud environments.
- Document security policies, incident response procedures, and compliance workflows.
Who You Are:
- 10+ years of experience in security engineering, compliance, or cloud security roles.
- Deep understanding of PCI DSS, SOC 2, GDPR, and cloud security best practices.
- Expertise in AWS security tools such as GuardDuty, WAF/Shield, Security Hub, Inspector, as well as TrendMicro CloudOne, Pen Testing, and Application Security Assessment tools.
- Strong background in identity and access management (IAM), network security, and data protection.
- Experience with security automation and infrastructure-as-code security controls.
- Skilled in vulnerability assessment tools, SIEM solutions, and incident response.
- Strong analytical, problem-solving, and communication skills.
Why Join Us?
- Opportunity to lead security initiatives in a high-growth company with a global impact.
- Work with a team that values security, privacy, and compliance as core business priorities.
- Competitive compensation, benefits, and a flexible work environment.