Staff Software Engineer - Internal Platform Infrastructure, Compliance
United States
Our Team
The HashiCorp Platform Infrastructure team is responsible for providing hosted environments that meet the security and compliance needs of the cloud products. We make use of cloud providers and our own HashiCorp products to build our internal platform, creating tight feedback loops with the product development teams. Our focus is to provide opinionated and easy infrastructure offerings that scale through the use of systems and software.
This team involves a product-mindset applied to infrastructure, bringing software engineering, infrastructure engineering, and SRE practices together. This team partners closely with product management, security, compliance, and product teams to enable secure and rapid development of the platform.
About this Role
We are looking for a detail-oriented Staff Infrastructure Engineer focused on Compliance to ensure our infrastructure systems and processes align with industry standards and regulatory requirements. The ideal candidate will lead development efforts to maintain security, compliance, and governance across our cloud environments. This role involves collaborating with cross-functional teams to ensure that infrastructure configurations, processes, and policies meet compliance frameworks such as ISO 27001, SOC 2, PCI-DSS, HIPAA, and GDPR. Using a depth of experience, this role has mastered multiple methods of influence and collaboration to deliver solutions aligned with business goals. Applicants would be comfortable playing a mix of roles, including technical vision, product guidance and support, software development, partnering with other engineering teams, and mentorship.
You can expect to:
- Partner with security, legal, and risk management teams to interpret compliance requirements and translate them into technical specifications for the infrastructure team.
- Design, develop, and manage infrastructure risk and policy management frameworks, identifying and mitigating potential compliance risks related to infrastructure design and operation.
- Ensure proper auditing and logging mechanisms are in place to meet compliance standards, and facilitate regular compliance reviews and audits.
- Implement and enforce security policies, procedures, and controls to ensure infrastructure compliance with industry regulations
- Develop and maintain comprehensive documentation of infrastructure compliance policies, standards, and procedures.
- Prepare for and support external and internal audits related to infrastructure compliance by ensuring that systems, processes, and documentation are audit-ready.
- Conduct regular self-audits and vulnerability assessments to proactively identify and address compliance gaps in the infrastructure.
- Assist in audit responses, providing evidence and reports to demonstrate compliance with required standards and controls.
- Stay updated on changes in industry regulations and compliance requirements, ensuring that the organization’s infrastructure practices are always up to date.
You may be a good fit if…
- You have a minimum of 7 years experience in designing and delivering enterprise cloud infrastructure security and compliance solutions
- You have demonstrable problem solving skills and can successfully navigate ambiguity and complexity
- You develop software to deliver infrastructure solutions
- You lead with empathy and focus on growing those around you
- You have worked with remote teams
The ideal candidate will have…
- Strong understanding and experience working with compliance frameworks such as SOC 2, ISO 27001, PCI-DSS, HIPAA, and GDPR.
- Proven experience in implementing and managing infrastructure security controls in cloud (AWS, Azure, Google Cloud) and on-premise environments.
- Hands-on experience with compliance automation tools (e.g., AWS Config, Azure Policy, HashiCorp Sentinel)
- Passion for automation; creating leverage through software development
- Successfully delivered operational improvements to complex infrastructure/software
- A product-minded approach to delivering infrastructure and platforms
#LI-Remote
Individual pay within the range will be determined based on job related-factors such as skills, experience, and education or training.
The base pay range for this role in the SF Bay Area / NYC area is:$246,200—$289,600 USDThe base pay range for this role in Seattle Metro, Denver / Boulder Metro, New York (excluding NYC), Washington D.C., or California (excluding SF Bay Area) is:$225,600—$265,400 USDThe base pay range for this role in Colorado (excluding Denver / Boulder Metro) and Washington (excluding Seattle Metro) is:$205,100—$241,300 USD ApplyJob Profile
- Collaborate with cross functional teams
- Conduct audits and vulnerability assessments
- Develop infrastructure risk management frameworks
- Develop software
- Ensure compliance with industry standards
- Maintain compliance documentation
Audit Auditing Automation AWS Azure Cloud Cloud environments Cloud Infrastructure Collaboration Compliance Compliance frameworks Cross-functional Collaboration Documentation Engineering GDPR Google Cloud Governance HashiCorp HashiCorp products HIPAA Infrastructure Infrastructure Engineering Infrastructure Security ISO 27001 Logging mechanisms Mentorship Organization PCI PCI DSS Product Management Remote Team Collaboration Risk Management Security Security Controls Security policies SOC 2 Software Development Software Engineering Training Vulnerability assessments
Experience7 years
Education TimezonesAmerica/Anchorage America/Chicago America/Denver America/Los_Angeles America/New_York Pacific/Honolulu UTC-10 UTC-5 UTC-6 UTC-7 UTC-8 UTC-9