Technology Compliance Engineer

ROLE SNAPSHOT

We are seeking a highly skilled and detail-oriented Technology Compliance Engineer to join our Risk and Security team IN MEXICO. This hybrid role combines the hands-on engineering expertise of Enterprise solution engineering with the critical oversight of an auditor. The ideal candidate will be responsible for designing, implementing, and continuously improving Enterprise IT services and solutions while auditing systems, processes, and pipelines to ensure compliance with security and risk management requirements. This position plays a key role in ensuring that security is integrated across the Enterprise from development to deployment and operations.

KEY DUTIES

Engineering Responsibilities:

• Establish and maintain Enterprise AI solutions and services.

• Champion AI use case review and enablement.

• Collaborate with all departments to successfully drive the onboarding, deployment and management of new technologies and solutions across the Enterprise.

• Maintain and improve Enterprise security requirements and oversight.

Security Responsibilities:

• Conduct regular security audits and reviews of infrastructure, code repositories and deployment processes.

• Monitor compliance with internal security standards, industry best practices, and regulatory requirements (e.g., SOC 2, ISO 27001, NIST).

• Document and report findings, recommend remediation, and track resolution through completion.

• Develop and maintain security baselines, controls, and metrics for secure IT delivery.

• Provide technical input into risk assessments and contribute to threat modeling and security reviews.

BASIC QUALIFICATIONS

• Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent work experience).

• 4+ years of experience in SecOps, application security, or infrastructure security.

• Strong hands-on experience with AI solutions and .

• Familiarity with containerization and orchestration technologies (Docker, Kubernetes).

• Proficiency with scripting languages (Python, Bash, etc.) and infrastructure-as-code tools (Terraform, CloudFormation).

• Experience conducting audits or assessments aligned to frameworks like SOC 2, NIST, ISO 27001, or CIS Benchmarks.

• In-depth knowledge of cloud security (AWS, Azure, or GCP) and security automation practices.

• Understanding of vulnerability management, secure coding practices, and application threat modeling.

MUST HAVE:

• SOC 2

• NIST

• Technology and security assessment

PREFERRED SKILLS

• Industry certifications such as CISSP, CISA, OSCP, GIAC, or AWS/GCP Security Engineer.

• Experience assessing and governing AI services/solutions and LLM models.

• Experience with security monitoring tools (e.g., Snyk, Wiz, Prisma Cloud, SonarQube, or similar).

• Familiarity with enterprise risk management practices and GRC tools.

• Strong analytical and communication skills, with the ability to document technical issues and collaborate across teams.