Reddit is hiring a

Technical Compliance Engineer - Governance, Risk, Compliance

Remote
Reddit is a community of communities. It’s built on shared interests, passion, and trust and is home to the most open and authentic conversations on the internet. Every day, Reddit users submit, vote, and comment on the topics they care most about. With 100,000+ active communities and approximately 82M+ daily active unique visitors, Reddit is one of the internet’s largest sources of information. For more information, visit redditinc.com.

Team Description

The SPACE (Security, Privacy, And Compliance Engineering) team defends Reddit’s employees and compute assets to make Reddit the most trustworthy place for online human interaction.  We look for humble experts with a relentlessly resourceful and entrepreneurial “can do” perspective. If you work tirelessly to break into computer networks and just as tirelessly to ensure others cannot, we need you.

Location: This role is only open to candidates currently located and authorized to work in the United States. The role is 100% remote. 

(and if you happen to live close to one of our physical office locations, our doors are open for you to come into the office as often as you'd like!)

Role Description

This is a GRC (Governance, Risk, Compliance) Engineer role on the GRC team. We are governance, risk, and compliance experts that are relentlessly resourceful to enable Reddit to manage risk effectively. We value humble experts with a “can do” view of security, risk, and controls with broad and deep technical knowledge, specifically in the fields of security certifications (e.g. SOC2), tech controls (e.g. ITGC), and risk management. We deliver facts and not FUD to our business partners when facing emerging risks.

If you are passionate about tech controls, policy and standards, and effective risk management, we need you. The ideal candidate has a strong technical background and has worked as part of a Governance, Risk, and Compliance or Technical Controls Compliance team. We are looking for those with experience maturing and facilitating tech controls, monitoring control gaps and risks, and building strong cross functional partnership with control owners. 

Some of our present and future work include:

  • Supporting tech control execution to ensure alignment with security control certifications
  • Leading tech control design and maturity decisions to provide better consistency and value to Reddit
  • Working across teams to ensure initiatives are greater than the sum of their parts
  • Promoting Reddit’s unique combination of Security, Privacy, and Compliance Engineering (SPACE)

How You’ll Have Impact:

This position has flexibility throughout GRC with ample opportunity to dive deeper across a wide scope of work. You will be a major contributor to Reddit’s technical control framework and operation. You will also partner with many teams to champion Reddit’s Security, Privacy, and Compliance Engineering (SPACE) mission.

What You’ll Do:

  • Support security compliance initiatives across the organization to mature, enhance, and optimize our controls in partnership with SPACE team members and cross functional stakeholders
  • Monitor and mature Reddit’s tech control framework to support compliance with industry standards such as SOC 2, SOX, and ISO 27001
  • Design and build continuous control monitoring tooling and scripts to mature control execution and reporting 
  • Develop detailed technical recommendations for controls definition, implementation and assessment in partnership with Security and Engineering teams
  • Collaborate with teams across the organization to identify security and privacy risk mitigation needs
  • Partner with Security, Privacy, and Engineering teams to implement technical controls. 
  • Maintain compliance documentation, including audit evidence and controls. 

Role Requirements: 

  • Expertise in various compliance frameworks such as SOC 2, ISO 27001, SOX ITGC Controls, NIST
  • Expertise with designing and implementing continuous control monitoring activities leveraging GRC solutions, through Go/Python/NodeJS/unix shell (bash, zsh) practical scripting, and/or data analysis tools
  • Knowledge of API and data querying 
  • 3+ years of experience with GRC tooling configuration 
  • 3+ years working in Security governance, risk, and compliance roles. Relevant certifications are a plus. 
  • Support a collaborative, performance-driven culture that builds bridges with other functional groups across the enterprise and maintains positive working relationships
  • Experience executing compliance initiatives for cloud platforms and interacting with engineering teams to implement controls
  • Human not reliant on ChatGPT to communicate effectively with business representatives, explaining GRC topics (ELI5)

Benefits:

  • Comprehensive Healthcare Benefits
  • 401k Matching
  • Workspace benefits for your home office
  • Personal & Professional development funds
  • Family Planning Support
  • Flexible Vacation (please use them!) & Reddit Global Wellness Days
  • 4+ months paid Parental Leave
  • Paid Volunteer time off

Pay Transparency:

This job posting may span more than one career level.

In addition to base salary, this job is eligible to receive equity in the form of restricted stock units, and depending on the position offered, it may also be eligible to receive a commission. Additionally, Reddit offers a wide range of benefits to U.S.-based employees, including medical, dental, and vision insurance, 401(k) program with employer match, generous time off for vacation, and parental leave. To learn more, please visit https://www.redditinc.com/careers/.

To provide greater transparency to candidates, we share base pay ranges for all US-based job postings regardless of state. We set standard base pay ranges for all roles based on function, level, and country location, benchmarked against similar stage growth companies. Final offer amounts are determined by multiple factors including, skills, depth of work experience and relevant licenses/credentials, and may vary from the amounts listed below.

The base pay range for this position is:
$164,200$229,900 USD

Reddit is proud to be an equal opportunity employer, and is committed to building a workforce representative of the diverse communities we serve.  Reddit is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, please contact us at [email protected].

Apply for this job

Please mention you found this job on AI Jobs. It helps us get more startups to hire on our site. Thanks and good luck!

Get hired quicker

Be the first to apply. Receive an email whenever similar jobs are posted.

Ace your job interview

Understand the required skills and qualifications, anticipate the questions you may be asked, and study well-prepared answers using our sample responses.

Engineer Q&A's
Report this job
Apply for this job