Principal Software Engineer - Platform Security/Compliance Architect - (Remote)

Principal Software Engineer - Platform Security/Compliance Architect - (Remote)

Principal Software Engineer

Req ID

FY24|R&D|#5728

Location(s)

Atlanta, Georgia, USA; Austin, Texas, USA; Baltimore, Maryland, USA; Boise, Idaho, USA; Boston, Massachusetts, USA; Charleston, South Carolina, USA; Charlotte, North Carolina, USA; Chicago, Illinois, USA; Cincinnati, Ohio, USA; Dallas, Texas, USA; Detroit, Michigan, USA; Indianapolis, Indiana, USA; Kansas City, Missouri, USA; Las Vegas, Nevada, USA; Los Angeles, California, USA; Madison, Wisconsin, USA; Miami, Florida, USA; Milwaukee, Wisconsin, USA; Minneapolis, Minnesota, USA; Nashville, Tennessee, USA; North Oaks, Minnesota, USA; Omaha, Nebraska, USA; Orlando, Florida, USA; Philadelphia, Pennsylvania, USA; Phoenix, Arizona, USA; Portland, Oregon, USA; Prospect, Connecticut, USA; Salt Lake City, Utah, USA; San Francisco, California, USA; San Jose, California, USA; Seattle, Washington, USA; St. Louis, Missouri, USA; Washington, District of Columbia, USA;

Work arrangement(s)

Fully Remote (works exclusively from home)

Your opportunity

At New Relic, we provide our customers real-time insights, so they can innovate faster. The Cloud Platform group within New Relic provides an enterprise-grade, cloud-agnostic platform and a developer platform that is composable, extensible, secure, scalable and reliable.

We are looking for a talented and experienced Principal Software Engineer to serve as our Compliance Architect for our teams. In this role, you will lead efforts in developing comprehensive compliance strategies, establishing best practices, and designing secure solutions for the developer and cloud platforms. You will collaborate with cross-functional teams, including engineering, security, legal and compliance to ensure our software complies with industry regulations, security standards, and data privacy requirements. Your expertise in compliance frameworks and secure software development practices will be crucial in guiding our teams to maintain the utmost trust and confidence from our customers.

What you'll do

Develop, implement and own a comprehensive compliance strategy across our platform, ensuring adherence to industry standards, regulations, and best practices.
Lead the design and implementation of a robust security framework, including systems, architecture, and policies, to protect sensitive data.
Collaborate with cross-functional teams, including engineering, security, legal and compliance, to ensure compliance requirements are understood and integrated into the software development lifecycle.
Conduct regular compliance risk assessments and audits to identify gaps and develop action plans to address areas of concern.
Serve as the engineering point of contact for internal and external auditors, providing necessary documentation and participating in compliance reviews.
Serve as a trusted advisor on compliance-related matters to internal stakeholders and teams.
Stay up-to-date with changes in regulatory requirements, industry standards, and emerging technologies to continually enhance our compliance framework.
Provide guidance and training to engineering teams on secure coding practices and integrating compliance controls into the development process.

This role requires

Bachelor's or Master's degree in Computer Science, Software Engineering, or a related field.
12 years as a software engineer primarily specializing in compliance architecture or a similar role.
In-depth knowledge of regulatory compliance frameworks, such as SOC 2, HIPAA, GDPR, FedRamp or ISO 27001.
Excellent understanding of DevSecOps practices and integrating security and compliance throughout the software development lifecycle.
Proven track record of designing and implementing compliance strategies in a SaaS or cloud-based company.
Proficiency in secure coding practices and experience coding in Java and/or Golang.
Experience with security and compliance tools, frameworks, and technologies.
Experience with cloud-based environments (AWS, Azure or GCP).
Excellent problem-solving skills and ability to analyze complex compliance requirements and how to implement them.
Strong communication and collaboration skills, with the ability to work effectively with cross-functional teams.
Domestic US and international travel (EMEA, APAC) up to 1 week per quarter.
Availability to be on-call if needed.

Bonus points if you have

Relevant certifications in compliance or security (e.g. CISSP, CISA)
Understanding of risk management principles and the ability to assess and mitigate compliance risks.
Familiarity with vulnerability assessment and penetration testing methodologies.
Experience implementing identity and access management solutions for user authentication and authorization.
Knowledge of data governance frameworks and practices, including data classification and handling.

Fostering a diverse, welcoming and inclusive environment is important to us. We work hard to make everyone feel comfortable bringing their best, most authentic selves to work every day. We celebrate our talented Relics' different backgrounds and abilities, and recognize the different paths they took to reach us - including nontraditional ones. Their experiences and perspectives inspire us to make our products and company the best they can be. We're looking for people who feel connected to our mission and values, not just candidates who check off all the boxes.

If you require a reasonable accommodation to complete any part of the application or recruiting process, please visit to submit your request.

We believe in empowering all Relics to achieve professional and business success through a flexible workforce model. This model allows us to work in a variety of workplaces that best support our success, including fully office-based, fully remote, or hybrid.

Our hiring process

Please note that visa sponsorship is not available for this position.

In compliance with applicable law, all persons hired will be required to verify identity and eligibility to work and to complete employment eligibility verification. Note: Our stewardship of the data of thousands of customers' means that a criminal background check is required to join New Relic.

We will consider qualified applicants with arrest and conviction records based on individual circumstances and in accordance with applicable law including, but not limited to, the .

Headhunters and recruitment agencies may not submit resumes/CVs through this website or directly to managers. New Relic does not accept unsolicited headhunter and agency resumes, and will not pay fees to any third-party agency or company that does not have a signed agreement with New Relic.

New Relic is proud to be an equal opportunity employer. We foster a diverse, equitable, and inclusive environment, free from all types of discrimination, so our Relics can thrive. We hire people with different backgrounds, experiences, abilities and perspectives.

Candidates are evaluated based on qualifications, regardless of race, religion, ethnicity, national origin, sex, sexual orientation, gender expression or identity, age, disability, neurodiversity, veteran or marital status, political viewpoint, or other legally protected characteristics.

Review our Applicant Privacy Notice at .

Estimated Base Pay Range: $ 194,000 - $ 242,000
The pay range above represents a reasonable estimate of the salary for the listed position. This role is eligible for a corporate bonus plan. Pay within this range varies by work location and may also depend on job-related factors such as an applicant's skills, qualifications, and experience.

New Relic provides a variety of benefits for this role, including healthcare, dental, vision, parental leave and planning, mental health benefits, a 401(k) plan and match, flex time-off, 11 paid holidays, volunteer time off, and other competitive benefits designed to improve the lives of our employees.

Wage - midpoint

242,000

Wage - minimum

194,000

This field has no functionality and it was added so that we could display the separator above