Security Engineer

About Glean

We’re on a mission to bring people the knowledge they need to make a difference in the world. 

Glean was founded by a seasoned team of former Google search and Facebook engineers, who wondered why we don’t have an easier way of finding what we need at work. In our personal lives, we have tools to help us find pretty much whatever we need. Why don’t we have that at work? And that was the beginning of Glean.

Glean searches across all your company’s apps to help you find exactly what you need and discover the things you should know. We’re a diverse team of curious and creative people who want to help each other get big things done—so we can help other teams do the same. 

We're backed by some of the Valley's leading venture capitalists—including Sequoia, Kleiner Perkins, Lightspeed, and General Catalyst—and have assembled a world-class team with senior leadership experience at Google, Slack, Facebook, Dropbox, Rubrik, Uber, Intercom, Pinterest, Palantir, and others.

Role:

Glean is looking for a highly skilled Corporate Security (IT) and Compliance Engineer who will be working towards securing an overall cloud-native IT environment and maintaining our ongoing compliance with security standards and frameworks. The successful candidate will possess a strong background in IT security best practices, be well-versed in implementing and managing compliance towards frameworks such as SOC2, HIPAA, GDPR, CCPA etc., and have the ability to handle complex challenges in a dynamic environment. 

What you will do and achieve

• Develop and maintain the organization's IT security policies, procedures, and standards.
• Maintain compliance with industry standards like SOC2 and HIPAA, leveraging tools to automate workflows and reduce manual effort.
• Prepare for external audits by maintaining compliance documentation.
• Work towards the implementation of a comprehensive third-party vendor review program. 
• Identify areas of highest risk within the organization and collaborate with teams to mitigate these risks through technical and administrative controls.
• Collaborate with business teams to assess and implement appropriate security settings and access controls in SaaS applications.

Who you are

• Bachelor's degree in Computer Science, Information Technology, or a related field (or equivalent work experience).
• 5+ experience in managing security compliance, IT security, with a focus on cloud-native environments.
• Strong understanding of modern endpoint security solutions and securing remote employees' devices.
• Experience in implementing and managing compliance frameworks such as SOC2, HIPAA, GDPR, etc.
• Excellent analytical and problem-solving skills with the ability to handle complex technical challenges.
• Relevant certifications such as CISSP, CISM, CompTIA Security+, or equivalent, are a plus.

Key knowledge and skills

• Thrive in a customer-focused, tight-nit and cross-functional environment - being a team player and willing to take on whatever is most impactful for the company is a must
• A proactive and positive attitude to lead, learn, troubleshoot and take ownership of both small tasks and large features
• Familiarity with cloud native security practices in GCP/AWS/Azure is a plus

We are a diverse bunch of people and we want to continue to attract and retain a diverse range of people into our organization. We're committed to an inclusive and diverse company. We do not discriminate based on gender, ethnicity, sexual orientation, religion, civil or family status, age, disability, or race.