Jobs · Management · Massachusetts

Senior Security Compliance Engineer

Klaviyo · Boston, MA · 3 wk ago
Management$120k–$180k/yrFull-time

Responsibilities

  • Design, develop, and maintain automated compliance workflows using scripting, APIs, and GRC tooling to streamline evidence collection, control validation, and audit readiness across SOC 2, ISO 27001, ISO 27017, PCI, and SOX ITGCs
  • Build and improve continuous control monitoring capabilities that provide real-time visibility into Klaviyo’s compliance posture and proactively surface control gaps
  • Partner with the Security Risk team to streamline end-to-end Security Compliance-to-Risk operations, ensuring compliance findings and control observations flow efficiently into risk management workflows
  • Implement and customize compliance automation platforms (e.g. Drata, Vanta, Anecdotes) and integrate them with Klaviyo’s internal systems, CI/CD pipelines, and cloud infrastructure
  • Serve as a trusted advisor to Engineering and Product teams, embedding compliance-by-design into architecture decisions and helping teams understand and meet security control requirements
  • Identify and drive high-value opportunities to use AI and automation to eliminate toil, improve compliance operations, and scale our programs alongside Klaviyo’s growth

Requirements

  • 3–5 years of experience in security compliance, GRC engineering, security engineering, or a closely related field with a strong emphasis on automation and scalable processes
  • Understanding of modern cloud-native web application architectures and related security best practices, especially in the context of AWS, Kubernetes, and AI
  • Hands-on experience implementing and operating Compliance Automation platforms, such as Drata, Vanta, Anecdotes, HyperProof, etc.
  • Experience implementing Identity Governance tools and processes, such as for user access reviews (UARs) and just-in-time access (JITA)
  • Experience with additional compliance frameworks such as ISO 27018, HIPAA, GDPR, CCPA, or NIS2

Qualifications

  • Proficiency in one or more programming/scripting languages (e.g. Python, Go, SQL) with hands-on experience building automation for compliance workflows, integrating REST APIs, and working with GRC tooling
  • Excellent ability to plan, prioritize, and deliver results cross-functionally and in a timely fashion
  • Strong alignment with Klaviyo’s core values

Skills

  • A strong bias toward evidence, logic, math, and reason when communicating risk
  • A strong bias toward “guardrails, not gates” and “paved security roads” philosophies
  • Excellent ability to discuss complex, nuanced topics with technical & non-technical audiences alike, especially software engineers

Benefits

  • Comprehensive health, welfare, and wellbeing benefits based on eligibility
  • Annual cash bonus plan
  • Variable compensation (OTE) for sales and customer success roles
  • Equity
  • Sign-on payments

Pay

  • $120,000—$180,000 USD

Schedule

  • This role may require up to 10% travel for purposes such as new hire onboarding, client or partner work if applicable, team meetings, and industry events

Similar jobs