Yuno is building payment infrastructure to enable companies to participate in the global market. The Security Compliance Engineer will ensure security and privacy programs meet industry standards, contributing to audits and implementing security controls across cloud environments.
Responsibilities:
- Actively participate in ISO 27001, ISO 27701, SOC 2 and PCI DSS audit processes, contributing from a technical and implementation perspective as part of the Security team
- Translate security, compliance, and privacy requirements into scalable technical controls, ensuring they are enforceable, measurable, and auditable
- Design, build, and maintain secure and scalable internal security solutions and tools using Python to support security operations and strengthen technical controls
- Work with Engineering and DevOps teams to implement and validate cloud security controls in AWS and GCP aligned with audit requirements
- Contribute to privacy-related technical initiatives, including data mapping, control automation, and alignment with privacy frameworks and data protection regulations (e.g., ISO 27701, GDPR, and similar)
Requirements:
- Practical experience working with ISO 27001 audits and translating controls into technical implementations
- Familiarity with SOC 2 and PCI DSS frameworks from an engineering perspective
- Understanding of privacy requirements and frameworks
- Proficiency in Python for developing secure and maintainable tooling
- Solid knowledge of AWS and/or GCP security services (IAM, logging, monitoring, WAF, etc.)
- Strong collaboration skills and English fluency
- Experience with Kubernetes, container security, or CI/CD pipelines
- Infrastructure as Code experience (Terraform, CloudFormation)
- Familiarity with vendor risk management and third-party security reviews
- Experience in fintech, payments, or highly regulated environments
- Familiarity with emerging architectures (e.g., serverless, event-driven, AI integrations)