Why This Job is Featured on The SaaS Jobs
Security and compliance work is foundational in SaaS because the product is delivered through cloud services and depends on customer trust across data handling, access control, and vendor risk. This Security Engineer role stands out for its explicit focus on a cloud-native IT environment and on operationalizing multiple common SaaS frameworks (SOC 2, HIPAA, GDPR, CCPA), indicating a remit that spans both technical controls and audit-readiness.
From a SaaS career perspective, this kind of position builds durable expertise in how security programs are run at scale: turning policies into enforceable standards, reducing manual compliance work through automation, and creating repeatable evidence trails for external audits. Experience with third‑party vendor review and SaaS application access governance also travels well across companies, since most modern SaaS organizations rely on a growing stack of tools and partners.
This role is best suited to a practitioner who likes structured problem-solving and has the patience to translate risk into practical controls across business and technical teams. It will fit someone comfortable owning documentation and process as much as implementation, and who wants a security track anchored in compliance frameworks and cloud-first operations rather than purely product security.
The section above is editorial commentary from The SaaS Jobs, provided to help SaaS professionals understand the role in a broader industry context.
Job Description
About the Role:
Glean is looking for a highly skilled Corporate Security (IT) and Compliance Engineer who will be working towards securing an overall cloud-native IT environment and maintaining our ongoing compliance with security standards and frameworks. The successful candidate will possess a strong background in IT security best practices, be well-versed in implementing and managing compliance towards frameworks such as SOC2, HIPAA, GDPR, CCPA etc., and have the ability to handle complex challenges in a dynamic environment.
You will:
- Develop and maintain the organization's IT security policies, procedures, and standards.
- Maintain compliance with industry standards like SOC2 and HIPAA, leveraging tools to automate workflows and reduce manual effort.
- Prepare for external audits by maintaining compliance documentation.
- Work towards the implementation of a comprehensive third-party vendor review program.
- Identify areas of highest risk within the organization and collaborate with teams to mitigate these risks through technical and administrative controls.
- Collaborate with business teams to assess and implement appropriate security settings and access controls in SaaS applications.
Who you are
- Bachelor's degree in Computer Science, Information Technology, or a related field (or equivalent work experience).
- 5+ years of experience in managing security compliance, IT security, with a focus on cloud-native environments.
- Strong understanding of modern endpoint security solutions and securing remote employees' devices.
- Experience in implementing and managing compliance frameworks such as SOC2, HIPAA, GDPR, etc.
- Excellent analytical and problem-solving skills with the ability to handle complex technical challenges.
- Relevant certifications such as CISSP, CISM, CompTIA Security+, or equivalent, are a plus.
About you:
- Thrive in a customer-focused, tight-knit and cross-functional environment - being a team player and willing to take on whatever is most impactful for the company is a must
- A proactive and positive attitude to lead, learn, troubleshoot and take ownership of both small tasks and large features
- Familiarity with cloud native security practices in GCP/AWS/Azure is a plus
Compensation & Benefits:
Compensation offered will be determined by factors such as location, level, job-related knowledge, skills, and experience. Certain roles may be eligible for variable compensation, equity, and benefits.
We are a diverse bunch of people and we want to continue to attract and retain a diverse range of people into our organization. We're committed to an inclusive and diverse company. We do not discriminate based on gender, ethnicity, sexual orientation, religion, civil or family status, age, disability, or race.