Lead, Security Compliance Engineer

Acceldata is reimagining the way companies observe their Data!
Acceldata is the pioneer and leader in data observability, revolutionizing how enterprises manage and observe data by offering comprehensive insights into various key aspects of data, data pipelines and data infrastructure across various environments. Our platform empowers data teams to manage products effectively by ensuring data quality, preventing failures, and controlling costs.
About the Role: We are looking for a Lead Security Compliance Engineer to join our ODP team. In this role, you will play a pivotal role in ensuring security and compliance across our ODP platform and open-source technologies.
You will leverage your expertise in Big Data systems, security frameworks, and compliance standards to design, implement, and maintain security controls across diverse ecosystems, including Apache Hadoop, Hive, Kafka, Spark, Hbase, Ambari. Collaborating with internal teams and open-source communities, you will work on identifying vulnerabilities, proposing solutions, and contributing to the security roadmap of key Apache projects.
This role involves managing compliance with global regulations, performing risk assessments, and automating security checks to ensure seamless operations. You will also act as a subject matter expert for teams, helping to resolve product vulnerabilities, mitigate risks, and address security challenges in both pre- and post-deployment stages.
Your contributions will be critical in protecting sensitive data, securing our platforms, and ensuring compliance with regulatory requirements. If you are passionate about Big Data security and open-source innovation, this role offers a unique opportunity to make a meaningful impact while working with cutting-edge technologies and industry leaders.

You are a great fit for this role if you have

• A strong desire to address complex security challenges across Big Data platforms, with a proven track record of driving solutions independently.
• Solid understanding of cloud and on-premise security technologies, including securing workloads on AWS, Azure, GCP, and hybrid environments.
• Hands-on experience with security tools and integrating automated vulnerability assessments into CI/CD pipelines.
• Proficiency in programming and scripting languages like Python, Java, or Bash, and familiarity with securing containerized workloads (Docker, Kubernetes).
• Excellent communication skills, with the ability to articulate complex vulnerabilities, mitigation strategies, and solutions to diverse stakeholders.
• Excellent communication skills, with an ability to clearly and concisely explain tricky issues and complex solutions
• Ability to quickly learn new technologies
• Ability and willingness to travel up to 50% of the time to meet with customers

What we look for:

• 8-10 years of expertise in identifying, and fixing vulnerabilities in open-source projects and contributing security patches to upstream communities.
• Strong programming skills in Python, Java, and Bash, with expertise in containerization tools (Docker, Kubernetes) and security practices.
• Proficiency in security tools like MendScan, Aqua Scanner, Trivy, and Twistlock, with the ability to automate vulnerability assessments and integrate security checks into CI/CD pipelines.
• Strong understanding of open-source technologies with hands-on experience in Big Data platforms like Hadoop, Spark, Hive, Kafka, and related tools, along with familiarity with their architecture and associated security challenges.
• In-depth knowledge of securing deployments across cloud platforms (AWS, Azure, GCP) and on-premises environments, with familiarity in hybrid infrastructure and its security requirements.
• Strong awareness of emerging threats, vulnerabilities, and attack vectors in open-source software, with expertise in implementing preventive measures and mitigating risks effectively.
• Good to have: Experience with compliance frameworks like SOC2, GDPR, HIPAA, PCI DSS, ISO 27001, and NIST, with the ability to implement and automate compliance controls and manage related documentation.
• Experience collaborating with open-source communities, contributing patches, and engaging in security-related discussions to improve project security.
• Strong problem-solving mindset with the ability to propose effective workarounds and long-term solutions for mitigating vulnerabilities.

We care for our team·      Mentorship & Growth·      ESOPs·      Medical and Life Insurance·      Paid Maternity & Parental Leave·      Corporate Uber Program·      Learning & Development Support
Acceldata for AllWe are a fast-growing company, solving complex data problems at scale. We are driven by strong work ethics, high standards of excellence, and a spirit of collaboration. We promote innovation, commitment, and accountability. Our goal is to cultivate a healthy work environment that fosters a sense of belonging, encourages teamwork, and brings out the best in every individual.
Why Acceldata?Acceldata is redefining data observability for enterprise data systems. Founded by experts who recognized the need for innovative monitoring and management solutions in a cloud-first, AI-driven environment, our platform empowers data teams to effectively manage data products. We address common challenges such as scaling and performance issues, cost overruns, and data quality problems by providing operational visibility, proactive alerts, and monitoring reliability across the various environments.
Delivered as a SaaS product, Acceldata's solutions have been embraced by global customers, such as HPE, HSBC, Visa, Freddie Mac, Manulife, Workday, Zoominfo, GSK, Oracle, PubMatic, PhonePe (Walmart), Hersheys, Dun & Bradstreet, and many more. Acceldata is a Series-C funded company and its investors include Insight Partners, March Capital, Lightspeed, Sorenson Ventures, Industry Ventures, and Emergent Ventures.