Why This Job is Featured on The SaaS Jobs
Security and compliance work sits at the center of modern SaaS operations, where cloud-native tooling, distributed access, and third-party integrations expand the attack surface. This Security Engineer remit stands out because it blends corporate IT security with ongoing compliance obligations, reflecting how SaaS companies increasingly treat internal systems, identity, and governance as part of the product’s trust story. The explicit focus on frameworks like SOC 2, HIPAA, GDPR, and CCPA signals a role tied to regulated use cases and enterprise readiness.
From a SaaS career perspective, the role builds durable leverage in two directions: translating controls into practical implementations across SaaS applications, and turning audit requirements into repeatable, automated workflows. Experience preparing evidence, maintaining documentation, and running vendor review programs maps directly to how subscription businesses scale security without proportionally scaling headcount. The cross-functional nature of risk identification and mitigation also develops stakeholder fluency that transfers across security, IT, and GRC paths in SaaS.
This position fits professionals who enjoy ownership over policy and process, but also want hands-on influence over access controls and endpoint posture. It suits someone comfortable balancing long-cycle compliance work with day-to-day operational security decisions, and who prefers collaborative problem solving across business and technical teams.
The section above is editorial commentary from The SaaS Jobs, provided to help SaaS professionals understand the role in a broader industry context.
Job Description
About the Role:
Glean is looking for a highly skilled Corporate Security (IT) and Compliance Engineer who will work towards securing our overall cloud-native IT environment and maintaining our ongoing compliance with security standards and frameworks. The successful candidate will possess a strong background in IT security best practices, be well-versed in implementing and managing compliance with frameworks such as SOC2, HIPAA, GDPR, CCPA, etc., and have the ability to handle complex challenges in a dynamic environment.
You will:
- Develop and maintain the organization's IT security policies, procedures, and standards.
- Maintain compliance with industry standards like SOC2 and HIPAA, leveraging tools to automate workflows and reduce manual effort.
- Prepare for external audits by maintaining compliance documentation.
- Work towards the implementation of a comprehensive third-party vendor review program.
- Identify areas of highest risk within the organization and collaborate with teams to mitigate these risks through technical and administrative controls.
- Collaborate with business teams to assess and implement appropriate security settings and access controls in SaaS applications.
Who you are:
- Bachelor's degree in Computer Science, Information Technology, or a related field (or equivalent work experience).
- 5+ years of experience managing security compliance and IT security, with a focus on cloud-native environments.
- Strong understanding of modern endpoint security solutions and securing remote employees' devices.
- Experience in implementing and managing compliance frameworks such as SOC2, HIPAA, GDPR, etc.
- Excellent analytical and problem-solving skills with the ability to handle complex technical challenges.
- Relevant certifications such as CISSP, CISM, CompTIA Security+, or equivalent, are a plus.
About you:
- Thrive in a customer-focused, tight-knit and cross-functional environment - being a team player and willing to take on whatever is most impactful for the company is a must.
- A proactive and positive attitude to lead, learn, troubleshoot and take ownership of both small tasks and large features
- Familiarity with cloud native security practices in GCP/AWS/Azure is a plus
Compensation & Benefits:
Compensation offered will be determined by factors such as location, level, job-related knowledge, skills, and experience. Certain roles may be eligible for variable compensation, equity, and benefits.
We are a diverse bunch of people and we want to continue to attract and retain a diverse range of people into our organization. We're committed to an inclusive and diverse company. We do not discriminate based on gender, ethnicity, sexual orientation, religion, civil or family status, age, disability, or race.