Security & Compliance Lead - Remote

About the Role

We are seeking a Security & Compliance Lead to join our team remotely at Prolific. In this role, you will be the cornerstone of our security and compliance efforts, ensuring that we maintain the highest standards while handling sensitive data for world-leading research institutions and AI labs. As a Security & Compliance Lead remote position, you will have the opportunity to shape our security posture and compliance program as we grow.

What You'll Do

• Oversee security operations and cloud security, monitoring for threats, vulnerabilities, and incidents across our infrastructure.
• Respond to and investigate security alerts using SIEM tools like Datadog, ensuring timely triage and escalation.
• Enhance our endpoint security and vulnerability scanning processes, particularly using tools like Snyk.
• Design and implement security architectures across our cloud infrastructure, utilizing Kubernetes, Terraform, and cloud-native services.
• Lead incident response efforts, minimizing impact and coordinating post-incident analysis and reporting.
• Manage our compliance program, ensuring we maintain certifications such as ISO 27001 and SOC 2.
• Collaborate with legal and data protection officers on GDPR compliance and data privacy requirements.
• Promote a DevSecOps culture within the engineering teams, integrating security into the software development lifecycle.

Requirements

• 5+ years of experience in security operations, cloud security, or a combined security and compliance role.
• Strong hands-on experience with cloud security in GCP and/or AWS, including Kubernetes and Terraform.
• Deep understanding of compliance frameworks such as ISO 27001 and SOC 2.
• Experience with security tooling across SIEM, vulnerability scanning, and cloud security posture management.
• Solid understanding of DevSecOps principles and experience embedding security into the SDLC.
• Excellent communication skills to translate security risks into business language.
• A proactive mindset with the ability to manage competing priorities effectively.

Nice to Have

• Experience coordinating penetration testing programs and managing remediation.
• Familiarity with infrastructure-as-code security scanning.
• Relevant security certifications such as CISSP or CISM.

What We Offer

• A competitive salary ranging from $120,000 to $150,000 annually.
• Remote work flexibility with a mission-driven culture.
• Opportunities for professional growth and development in the field of AI and data.
• Access to a unique platform that connects researchers and companies for impactful work.