×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity

Security Engineer; Compliance

Job in California, Washington County, Pennsylvania, 15419, USA
Listing for: Berkeley Research Group, LLC
Full Time position
Listed on 2026-03-04
Job specializations:
  • Security
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 100000 - 125000 USD Yearly USD 100000.00 125000.00 YEAR
Job Description & How to Apply Below
Position: Security Engineer (Compliance)

BRG is an Equal Employment Opportunity/Affirmative Action Employer. All qualified candidates will receive consideration for employment without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or protected veteran status.

Position Title: Security Engineer (Compliance)

Location: Remote - USA

Position Type: Full time

Requisition : JR100641

We do Consulting Differently

Second Sight Solutions, a subsidiary of Berkeley Research Group (BRG), is a health technology company, and our innovative technology reimagines how drug discount data is exchanged, establishing new connections and improving transparency for drug manufacturers and their customers. Our customers and partners trust us to deliver reliable, first-to-market solutions and safeguard the data we receive. We trust our employees, and our culture gives them the freedom to create, collaborate, and grow.

Our leaders are industry experts, creative, unafraid to challenge the status quo, and the pioneers of market-changing solutions.

We are seeking a motivated Security Engineer (Compliance) to be an integral part of our Security team! The ideal candidate will be passionate about cyber security and possess both deep and wide expertise in the security space, with specific experience in the application and implementation of Governance, Risk, and Compliance (GRC) programs.

Responsibilities
  • Own, manage, and support the application of key compliance frameworks (SOC 1 and 2, ISO 27001, CSA STAR, NIST CSF, etc).
  • Develop, control, and maintain applicable organizational policies, procedures, best practices, and guides associated with key compliance requirements and in support of annual audits.
  • Assist in the development and implementation of an internal audit program designed to:
    • measure the effectiveness of organizational processes and procedures;
    • assess organizational adherence to those processes and procedures;
    • identify opportunities for organizational and systemic process improvement; and
    • alert the organization about emerging risks to the comprehensive compliance program.
  • Support the Risk Management Program with a goal of making risk-based decisions an integrated part of the cultural landscape, including:
    • risk identification;
    • risk mitigation;
    • risk monitoring;
    • risk reporting; and
    • documentation of risk realization and/or retirement.
  • Work closely with the Security Operations (Sec Ops) team to ensure security functions meet operational compliance requirements and will meet/exceed independent annual audit standards.
  • Ensure technical, operational, and administrative controls are fully operable and meet standards necessary for SOC 1 and 2 audits.
  • Support Quarterly Access Reviews (QARs) as part of the larger User Access Request process.
Qualifications
  • 5+ years of proven work experience as a System or Information Security Engineer, Compliance Engineer, or Risk Engineer.
  • Detailed technical knowledge of compliance frameworks and their application across systems and organizations.
  • Thorough understanding of the latest security principles, techniques, and protocols.
  • Problem solving skills and ability to work under pressure.
  • Experience with compliance frameworks (e.g., SOC 1 and 2, ISO 27001, CSA STAR, NIST CSF).
  • Familiarity with web related technologies (Web applications, Web Services, Service Oriented Architectures) and network/web related protocols.
  • Experience with cloud services (Microsoft 365, SharePoint Online, Microsoft Azure, and Amazon Web Services).
  • Operational understanding of security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, and content.
  • Ideal candidates will have a strong risk background that includes:
    • risk identification, adjudication, and mitigation development experience;
    • experience working with engineering teams to document, plan, and address identified risk items;
    • documentation and communication of identified risks to organizational leadership (up to and include the Executive Leadership Team or ELT);
    • regular review and maintenance of residual risk items; and
    • ownership of risks and the applicable risk lifecycle through risk identification, adjudication,…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search