Sayari is a global corporate data provider focused on preventing illicit financial activity. They are seeking a Cloud Security Engineer to bridge the gap between security compliance and engineering teams, automating workflows and ensuring the safe deployment of AI features.
Responsibilities:
- Drive the implementation of technical controls and evidence gathering in collaboration with engineering for compliance standards and frameworks such as ISO 42001 and FedRAMP 20X
- Manage the daily operational reality of audits, customer questionnaires, and internal IT/Security support requests while relentlessly identifying friction and engineering automated workflows to make these tasks self-service over time
- Rapidly prototype and ship internal tools, custom Vanta integrations, and scripts using AI-assisted development to close automation gaps and eliminate manual work across Security, IT, and Engineering
- Work with application, data, infrastructure, and ML engineering teams on implementing secure design patterns and governance best-practices. You will be a trusted technical advisor and doer who speeds up production deployments rather than blocking them by automating processes like AI risk assessments and secure architecture reviews
Requirements:
- Proven experience preparing for and participating in GRC related audits (Eg. SOC 2, ISO, FedRAMP, and/or CMMC), including working with auditors and customers to clearly explain the security posture of systems and collecting requirements when there are gaps
- You actively track the latest AI innovations and automation trends. You use AI to automate processes internally and know how to help ensure product and engineering teams leverage AI in compliance with ISO 42001
- An engineering mindset that despises manual repetition. You're driven to understand processes and/or control requirements, propose a solution, and write the code to automate it
- Hands-on experience securing cloud environments. You understand the security implications of IAM, network policies, container vulnerabilities, etc
- Strong proficiency in Python and demonstrated ability to move fast using modern AI development tools (e.g., Cursor, n8n, LangChain, etc.) and APIs to ship internal tools/scripts and automations
- Obsessive attention to detail in written communication. You leverage AI to generate content at speed, but you ruthlessly review and revise for accuracy, nuance, and audience fit. You understand the importance of clear, accurate writing, whether in a policy, audit response, or response to a customer's security question
- Experience with Vanta or similar compliance automation platforms and knowledge of where they fall short
- Experience working in both smaller scrappy startups and large structured tech companies