As a
Security Engineering Lead, you will build and own ASI's entire security posture, from the technical controls that prevent and detect threats to the compliance programs that define credibility with enterprise customers. You own SOC 2 Type II and ISO 27001 certification programs end-to-end, operate SIEM and EDR tooling, and maintain the GRC framework that keeps the company audit-ready at all times. You are the founding pod lead for Security and Compliance, the primary interface to Legal, Finance, and external auditors, and the person who recruits and develops the Security Engineer rounding out your team.
Responsibilities- Own the security roadmap, risk register, and compliance program for the company.
- Drive SOC 2 Type II and ISO 27001 certification end-to-end, from initiation through audit.
- Serve as the primary security liaison to Legal, Finance, and external auditors.
- Implement and operate SIEM, EDR, and identity security tooling enterprise wide.
- Manage MFA enforcement, access reviews, and privileged access controls.
- Lead the vulnerability management program and coordinate penetration testing.
- Define and enforce the OT/IT security boundary policy with the OT pod.
- Maintain incident response playbooks and lead post-incident reviews.
- Maintain continuous audit evidence as an operational practice, not a point-in-time exercise.
- Recruit, develop, and lead the Security Engineer as the pod scales.
Qualifications- Bachelor's degree in Computer Science, Information Security, Information Technology, or a related field.
- 7+ years in security engineering, security operations, or a combined security and GRC role.
- Hands-on SOC 2 Type II or ISO 27001 audit cycle ownership, initiation through certification.
- Deep fluency in SIEM platforms (Splunk, Microsoft Sentinel, or Sumo Logic) and EDR tooling.
- Demonstrated expertise in IAM: zero-trust architecture, least privilege, MFA, and access lifecycle management.
- Experience defining and operating vulnerability management programs and coordinating penetration tests.
- Proven cross-functional partnership with Legal, Finance, and engineering on security and compliance.
- Experience recruiting, developing, and leading technical security teams.
- CISSP, CISM, or equivalent security credential, or willingness to pursue certification.
Physical Requirements- Ability to remain in a stationary position at a computer workstation for extended periods.
- Ability to operate a computer and other office productivity equipment continuously.
- Ability to communicate and exchange information in person, via phone, and through electronic means.
- Ability to traverse office, lab, data center, and field environments as required.