OV

Senior Security Engineer

Job summary

United States
Engineering

Work model

Remote first
Only US
3 days ago
Job description

Senior Security Engineer

Overstory is dedicated to combating the climate crisis by building a resilient electrical grid using cutting-edge technology. We leverage AI and satellite imagery to identify and mitigate vegetation risks, thereby preventing power outages and reducing wildfire threats. Join our diverse, global team to contribute to a more resilient world.

Role & Team

As the inaugural Senior Security Engineer, you will be instrumental in protecting Overstory's systems, data, and reputation. In close collaboration with the Director of Information Security and Compliance, you will own our security and compliance strategy, implementing and refining our security program. This role involves leading initiatives in vulnerability management, compliance, and security operations, while serving as a key partner to engineering, product, and business teams. It's ideal for a candidate with strong technical skills, a strategic outlook, and a passion for building scalable security practices in a growing company.

Time Zone Requirement: Eastern North America (NST, AST, EST)

What You'll Do

  • Own and advance Overstory's compliance program, ensuring continuous alignment with SOC 2, ISO 27001, and other relevant standards.
  • Manage the end-to-end vulnerability management lifecycle, from detection to remediation, collaborating with engineering teams to prioritize and resolve risks.
  • Design and enhance security processes and controls across infrastructure, applications, and internal systems.
  • Provide security expertise in architecture and engineering decisions, promoting secure-by-design principles.
  • Oversee and improve identity and access management, endpoint security, and core IT security practices.
  • Manage vendor security and third-party risk, including assessments and mitigation strategies.
  • Lead audit readiness and execution for SOC 2 and ISO 27001, managing control design, evidence collection, and auditor coordination.
  • Collaborate with customer-facing teams to address security questionnaires and develop scalable response processes.
  • Foster security awareness and culture through mentoring and raising the organization's security standards.

Skills & Experience

  • 5 years of experience in security engineering, security operations, or a related field.
  • Direct experience with security and compliance frameworks like SOC 2 and/or ISO 27001, including audit processes.
  • In-depth experience with vulnerability management, including tooling, prioritization, and remediation workflows.
  • Proficiency in cloud environments (AWS, GCP, or Azure) and modern SaaS ecosystems.
  • Experience with identity and access management, endpoint security, and IT/security operations.
  • Proven ability to communicate security risks clearly and actionably to both technical and non-technical audiences.
  • Demonstrable experience or strong interest in using AI tooling to enhance business impact.
  • Excellent written communication skills, with experience in documentation and audit artifact management.
  • A proactive, pragmatic mindset with the ability to balance security best practices with business needs.
  • Experience working cross-functionally and influencing without authority in a remote-first setting.

Nice To Have

  • Experience designing or improving SIEM, logging, and alerting pipelines.
  • Familiarity with compliance automation platforms (Drata, Vanta, Tugboat, etc.).
  • Experience leading or owning SOC 2 / ISO 27001 audits.
  • Background in application or cloud security engineering.
  • Experience mentoring junior team members.

What We Offer

  • Competitive, location-specific compensation and benefits.
  • A flexible, autonomous, and collaborative work environment built on trust.
  • Home office stipend, coworking, and ongoing education budgets.
  • A company culture that embodies our core values.
  • The opportunity to engage in mission-driven work that addresses the climate crisis.

About Our Team

We are a global team of 100 individuals from diverse backgrounds, working remotely across the United States, the Netherlands, United Kingdom, Ireland, Estonia, Portugal, France, Sweden, Switzerland, Denmark, and Canada. We foster an inclusive environment and come together annually for an in-person team gathering.

Diversity & Inclusion

We believe diverse perspectives are crucial for solving the climate crisis. We are committed to building a team that reflects the communities we serve and upholding equitable and inclusive practices.

Our Values

Tackling the climate crisis is our greatest mission.

We act with urgency.

Our curiosity fuels our growth.

We embrace change and find power in exploration.

We're rooted in diversity.

Our strength comes from our differences.

We care for each other.

We nurture our human connections.

Trust is fundamental.

We assume the best in everyone and share ideas openly.

Use of AI in Our Hiring Process We may use AI tools to support our hiring process, but all hiring decisions are made by people. Data is handled securely per GDPR and our Privacy Notice.