Compensation: TBD, based on education, experience, role fit, startup needs, and interview process.
Job summary
As a Security Compliance Engineer, you will support one or more startups connected to Metasoft Capital by helping founders turn early ambition into practical execution. This role is built for remote startup environments where priorities can change quickly, information may be incomplete, and useful work depends on clear writing, steady ownership, and good judgment.
The role focuses on technical security evidence, audits, controls testing, and compliance readiness. You may work with founders, product teams, technical teams, operations, customers, partners, or investors depending on the startup assignment. The goal is to help the company build secure, reliable, scalable, and cost-conscious technical foundations for fast-moving startup teams, while building habits that make the team more reliable as it grows.
Core responsibilities
- Own the day-to-day work connected to technical security evidence, audits, controls testing, and compliance readiness, keeping priorities clear and progress visible.
- Work closely with founders, managers, product, technology, operations, and customer-facing teams as needed.
- Create clear notes, decisions, requirements, checklists, or reports so work does not depend on memory or guesswork.
- Design and operate secure, scalable, and cost-conscious technical environments for startup products.
- Use practical judgment to balance speed, quality, cost, risk, and learning in a startup environment.
- Design and maintain infrastructure that supports current startup needs while leaving room for growth, security, and operational maturity.
- Improve deployment practices, monitoring, backup routines, incident response habits, access control, and technical documentation.
- Partner with engineering, product, finance, and compliance teams to balance performance, security, uptime, cost, and speed.
- Identify operational risks early, recommend practical controls, and help teams avoid fragile systems that only one person understands.
- Design, build, test, review, and maintain systems with enough documentation that other team members can understand and improve the work.
- Participate in technical reviews, troubleshooting, reliability improvements, and practical decisions about build versus buy.
Education and experience requirements
- Education or training in computer science, cloud computing, cybersecurity, networking, systems administration, DevOps, or equivalent hands-on experience is helpful.
- Relevant certifications may be useful but are not a substitute for practical troubleshooting, documentation, and ownership.
- Experience with Linux, cloud platforms, CI/CD, containers, networking, monitoring, identity access, databases, security tools, or infrastructure as code is valuable.
- Ability to stay calm during incidents, communicate clearly, and separate urgent fixes from longer-term reliability improvements.
- Understanding of security basics, least privilege, backup discipline, cost awareness, and the realities of startup resource limits.
- Candidates should be ready to share examples of relevant work, projects, portfolios, case studies, writing samples, code samples, dashboards, campaigns, processes, or other evidence of ability when applicable.
Helpful skills and tools
- AWS, Azure, Google Cloud, Linux, Docker, Kubernetes, Terraform, CI/CD systems, monitoring tools, SIEM/security tools, VPNs, databases, and incident management systems.
- Experience with cloud platforms, Linux, networking, automation, observability, security tooling, or infrastructure operations.
- Strong troubleshooting skills and calm communication during incidents or urgent technical problems.
- Strong ownership mindset, reliability in remote work, and comfort working with incomplete information.
- Ability to communicate progress, blockers, and tradeoffs in a simple way for both technical and non-technical teammates.
- Curiosity, humility, and willingness to keep learning as the startup changes direction or grows.
- Clear written communication, organized files, practical documentation, and reliable follow-through are important because most teams operate remotely.
Remote startup working style
- Work asynchronously when possible, document decisions, and keep teammates updated on progress, blockers, risks, and next steps.
- Be comfortable with early-stage ambiguity, changing priorities, limited resources, and the need to learn quickly from customers and teammates.
- Use sound judgment to decide when to move fast, when to ask for help, when to slow down, and when to protect quality or trust.
- Respect confidentiality, founder context, customer information, and the trust required to support early-stage companies.
Success in this role looks like
- Higher uptime, faster recovery, lower technical risk, stronger security controls, and predictable infrastructure costs.
- The startup experiences fewer preventable outages, clearer incident response, and stronger recovery practices.
- Infrastructure cost and security risk become visible and manageable.
- Developers can ship faster because the platform is documented, stable, and trusted.
- The startup team can point to clearer execution, better documentation, stronger collaboration, and practical improvements connected to this role.
How to apply
- Email your resume/CV to Jobs@MetasoftCapital.com and include JID: 1715818 in the email subject line and at the beginning of your message.
- Use a subject line similar to: JID: 1715818 - Security Compliance Engineer - Resume/CV.
- Briefly explain why this role, a remote startup environment, and the relevant industry or function fit your experience, interests, and learning goals.
- If useful for the role, include links to your portfolio, GitHub, LinkedIn, website, writing samples, case studies, dashboards, design files, campaigns, or other work examples.
