Principal Software Engineer - Platform Security / Compliance Architect - (Remote)

Your opportunity

At New Relic, we provide our customers real-time insights, so they can innovate faster. The Cloud Platform group within New Relic offers an enterprise-grade, cloud-agnostic platform that is secure, scalable, and reliable. We are seeking a talented Principal Software Engineer to serve as our Compliance Architect. In this role, you will lead efforts in developing compliance strategies, establishing best practices, and designing secure solutions for our developer and cloud platforms. Collaboration with cross-functional teams including engineering, security, legal, and compliance is essential to ensure our software meets industry regulations, security standards, and data privacy requirements. Your expertise will be crucial in maintaining our customers' trust and confidence.

1. Develop, implement, and own a comprehensive compliance strategy across our platform, ensuring adherence to industry standards, regulations, and best practices.
2. Lead the design and implementation of a security framework, including systems, architecture, and policies, to protect sensitive data.
3. Collaborate with engineering, security, legal, and compliance teams to integrate compliance requirements into the software development lifecycle.
4. Conduct compliance risk assessments and audits, identifying gaps and developing action plans.
5. Serve as the engineering contact for audits, providing documentation and participating in reviews.
6. Advise internal stakeholders on compliance matters.
7. Stay updated on regulatory changes, industry standards, and emerging technologies to enhance our compliance framework.
8. Guide and train engineering teams on secure coding and compliance controls.

• Bachelor's or Master's degree in Computer Science, Software Engineering, or related field.
• Several years of experience as a software engineer specializing in compliance architecture or similar roles.
• Deep knowledge of compliance frameworks such as SOC 2, HIPAA, GDPR, FedRamp, or ISO.
• Strong understanding of DevSecOps practices and integrating security and compliance into development.
• Proven experience designing compliance strategies in SaaS or cloud environments.
• Proficiency in secure coding, especially in Java and/or Golang.
• Experience with security and compliance tools and frameworks.
• Familiarity with cloud platforms like AWS, Azure, or GCP.
• Excellent problem-solving, communication, and collaboration skills.
• Willingness to travel domestically and internationally up to 1 week per quarter.
• Availability for on-call support if needed.

• Certifications such as CISSP or CISA.
• Knowledge of risk management, vulnerability assessment, and penetration testing.
• Experience with identity and access management solutions.
• Understanding of data governance frameworks.

We value diversity and inclusion, encouraging everyone to bring their authentic selves to work. We support flexible work arrangements, including fully remote, hybrid, or office-based setups. For more details on our hiring process and legal requirements, please refer to the full job posting.