Job Title: Security and Compliance Engineer
Location: Remote-first
Job Type: Full-Time
Nametag is seeking an experienced Security and Compliance Engineer to ensure the security and compliance of our identity verification and account protection solutions. This role requires expertise in compliance and privacy standards and frameworks, security operations, and customer-facing security interactions. The ideal candidate will have a strong technical background and a proven ability to maintain world-class security programs, instill customer confidence, and proactively address evolving compliance and security needs.
As the Security and Compliance Engineer, you will oversee Nametag’s security and compliance initiatives, working closely with cross-functional teams to maintain enterprise-grade security standards. You will lead efforts to expand compliance certifications, manage security operations, and support customer-facing teams in addressing security questions and risk assessments. This role will also involve collaborating with product management to prioritize compliance and readiness initiatives, ensuring Nametag remains a trusted partner for large enterprise customers. Your work will be critical in maintaining customer trust, ensuring operational excellence, and helping Nametag lead in the identity management space.
• Lead and maintain Nametag’s compliance programs, including SOC2, ISO27001, NIST AI standards, GDPR, CPRA, and other privacy regulations and frameworks.
• Collaborate with product management to prioritize and implement new compliance initiatives.
• Continuously evaluate and adapt compliance strategies to meet evolving regulatory, privacy, and enterprise requirements.
• Manage daily security operations, including log review, endpoint monitoring, and incident response.
• Perform regular audits, vulnerability assessments, and proactive threat management to protect Nametag’s systems and data.
• Evaluate and optimize security tools, processes, and procedures to ensure operational excellence.
• Manage relationships with security vendors, ensuring optimal performance and alignment with Nametag’s security needs.
• Oversee vendor assessments, negotiations, and ongoing evaluations to maintain the highest levels of service and security.
• Act as a primary point of contact for customer security questions and participate in technical calls with their security teams.
• Support third-party risk management (TPRM) efforts, including security reviews and vendor assessments.
• Collaborate with customer success and sales teams to address security concerns and communicate Nametag’s security practices.
• Research emerging compliance and privacy standards and frameworks, particularly in identity verification and AI-driven technologies.
• Recommend and implement updates to Nametag’s compliance and security practices to align with customer and regulatory expectations.
• Maintain Nametag’s strong commitment to enterprise-grade security and compliance.
• Ensure internal programs meet the highest standards, instilling confidence in customers about Nametag’s security-first approach.
• Experience: 5+ years in security engineering, compliance, or related roles. However, we encourage candidates with a mix of relevant skills and experiences to apply, even if you don’t meet every listed qualification.
• Compliance and Privacy Expertise: Familiarity with SOC2, ISO27001, NIST frameworks, GDPR, CPRA, and other privacy standards and frameworks. Hands-on experience is a plus.
• Technical Skills: Strong understanding of security operations, including log analysis, endpoint security, and vulnerability management.
• Vendor Management: Experience managing vendor relationships, including performance monitoring and contract negotiation.
• Customer Interaction: Strong communication skills, with the ability to explain complex security concepts to technical and non-technical audiences.
• Collaborative Mindset: Proven ability to work cross-functionally with product management, engineering, and customer-facing teams.
• Education: Bachelor’s degree in Computer Science, Cybersecurity, or a related field is preferred; equivalent experience is welcomed. Certifications (e.g., CISSP, CISM) are a plus but not required.
The base salary range for this full-time position is $120,000 to $160,000 plus equity and benefits.
Nametag is a founding member of the Open Imperative and is publicly committed to pay equity in the technology industry. We post positions with ranges to encourage people of different backgrounds and experiences to apply, but the salary for every specific job offer is benchmarked using market data sources to ensure it is fair and consistent.
Our salary ranges are determined by role, level, and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter or hiring manager can share more about the specific salary range during the hiring process.
• Remote-first: We are building a world-class, remote-first culture and we want to find super-talented people who can contribute from anywhere. We have team members in key hubs throughout the U.S. continental time zones. Everyone works in their own time zone, and we align team meetings on a common time that works for all. There are no water cooler conversations for a selected few; everyone has a voice.
• In-person collaboration: We find remote work is best when we pair it with in-person time, so we plan to bring the team together at least once per quarter. We plan to go somewhere off-site and spend a few days together. Travel and meetings will be arranged in advance so everyone can make plans to help cover at home.
• Competitive salary
• Competitive stock options
• Comprehensive health benefits (medical, dental, vision)
• Flexible time off policies
• Quarterly team off-sites
• 401(k) program with employer matching
• New computer hardware and equipment
• An inclusive work environment where you can have an impact