Senior Security Engineer
Overstory
- New York, New York, United States
- New York, New York, United States
Über
As our inaugural Senior Security Engineer, you will play a critical role in safeguarding Overstory’s systems, data, and reputation. Partnering closely with your manager - the Director of Information Security and Compliance - you will take ownership of our security and compliance posture, and define, implement, and continuously improve our security program. You will lead initiatives across vulnerability management, compliance, and security operations, while acting as a trusted partner to engineering, product, and business teams. This role is ideal for someone who combines hands-on technical expertise with a strategic mindset and enjoys building scalable security practices in a growing company. What You’ll Do
Own and evolve Overstory’s compliance program, ensuring ongoing alignment with SOC 2, ISO 27001, and other relevant frameworks Drive vulnerability management end-to-end, from detection to remediation, working closely with engineering teams to prioritize and resolve risks efficiently Design and improve security processes and controls across infrastructure, applications, and internal systems Lead security input in architecture and engineering decisions, helping teams build secure-by-design systems Oversee and improve identity and access management, endpoint security, and core IT security practices Own vendor security and third-party risk management, including assessments, risk evaluation, and mitigation strategies Lead audit readiness and execution for SOC 2 and ISO 27001, including control design, evidence collection, and auditor coordination Partner with customer-facing teams to handle security questionnaires and build scalable, high-quality response processes Contribute to security awareness and culture, mentoring others and raising the security bar across the organization Skills & Experience
5+ years of experience in security engineering, security operations, or a related field Direct experience with security and compliance frameworks such as SOC 2 and/or ISO 27001, including audit processes Deep experience with vulnerability management, including tooling, prioritization, and remediation workflows Fluency working across cloud environments (AWS, GCP, or Azure) and modern SaaS ecosystems Experience with identity and access management, endpoint security, and IT/security operations Demonstrated ability to translate security risks into clear, actionable guidance for technical and non-technical stakeholders Demonstrable experience (or at a minimum a serious interest in) leveraging AI tooling to accelerate business impact. Strong written communication skills and are comfortable owning documentation and audit artifacts Demonstrable proactive, pragmatic mindset as well as capacity for balancing security best practices with business needs Experience working cross-functionally influencing without authority in a remote-first environment Nice To Have
Experience designing or improving SIEM, logging, and alerting pipelines Familiarity with compliance automation platforms (Drata, Vanta, Tugboat, etc.) Experience leading or owning SOC 2 / ISO 27001 audits Background in application or cloud security engineering Experience mentoring or guiding more junior team members What We Offer
Competitive, location-specific compensation and benefits Flexible, autonomous and collaborative working environment rooted in trust - we build our work days around our lives, not the other way around Home office stipend, coworking and ongoing education budgets A company culture that genuinely embodies each of our core values To be part of truly mission-driven work that reduces wildfires, protects earth’s natural resources and helps solve our climate crisis About Our Team
We are a group of 100 people from all over the world. Fifteen nationalities are represented in our team and at last count we speak fourteen languages: English, Dutch, French, Spanish, German, Italian, Portuguese, Russian, Luxembourgish, Lithuanian, Bulgarian, Cantonese, Estonian, and Danish. We work remotely from eleven countries and are looking for candidates that are living and working in one of them: United States, the Netherlands, United Kingdom, Ireland, Estonia, Portugal, France, Sweden, Switzerland, Denmark and Canada. We gather once a year in-person for our unforgettable team gathering event. We also offer the option to occasionally meet up for in-person collaboration. Diversity & Inclusion
The climate crisis is a human crisis that requires diverse perspectives to solve. We place enormous value on diversity and believe that the best ideas emerge when people with different backgrounds and experience work together. We remain committed to scaling a team that reflects the communities we serve, and strive to uphold equitable and inclusive practices across every aspect of our business. We are responsible for creating and maintaining a culture where everyone - regardless of background - has a voice in building a sustainable future. Our Values
Tackling the climate crisis is our greatest mission. We act with urgency. Our curiosity fuels our growth. We recognize that change is constant, and we find joy and power in exploration. We’re rooted in diversity. Just as ecosystems need biodiversity to thrive, our resiliency comes from our differences. We care for each other. We love the power of machines but we nurture each other as humans. Trust is fundamental. We assume the best in everyone, and we share ideas openly so that we have a positive impact.
#J-18808-Ljbffr
Sprachkenntnisse
- English
Hinweis für Nutzer
Dieses Stellenangebot stammt von einer Partnerplattform von TieTalent. Klick auf „Jetzt Bewerben”, um deine Bewerbung direkt auf deren Website einzureichen.