Founded in 2005, Smartsheet offers collaborative work management and process automation to empower greater enterprise productivity. A leading cloud-based platfo
Senior Security Engineer I – Customer Trust
Location
United States
Posted
1 day ago
Salary
$145K - $210K / year
Seniority
Senior
Job Description
Senior Security Engineer I – Customer Trust
Smartsheet
• Own US customer trust operations: Manage intake, triage, prioritization, and completion of customer security questionnaires, vendor risk assessments, and RFIs for US-based customers. • Respond to customer security inquiries with technical depth: Complete questionnaires accurately, respond to RFIs, and address customer security concerns with responses that demonstrate understanding of Smartsheet's architecture and security controls. • Manage questionnaire queue and ensure SLA compliance: Maintain visibility into pending assessments, track completion timelines, and escalate delays. Keep customers informed of progress and manage expectations. • Build customer relationships and provide security assurance: Become a trusted resource for customer security teams. Understand their compliance requirements, ask clarifying questions, and provide responses that build confidence in Smartsheet's controls. • Support US sales teams: Work with sales and customer success teams to remove security-related deal blockers, provide compliance assurance materials, and accelerate customer buying cycles. • Escalate and collaborate on complex assessments: Identify questions requiring specialized expertise (AI security, FedRAMP, HIPAA, specific control implementations) and escalate appropriately. Work cross-functionally to gather evidence and provide comprehensive responses. • Understand industry-specific compliance: Respond to questions about HIPAA, NIST, state privacy laws (CCPA, etc.), PCI DSS, and sector-specific requirements relevant to customer industries. • Drive process improvements: Identify opportunities to improve questionnaire completion efficiency, update response templates, and recommend changes that benefit the team and customer experience.
Job Requirements
- 5+ years of experience in customer trust, vendor risk, security assessment, or customer-facing security engineering roles at SaaS or cloud platform companies.
- A degree in Computer Science, Computer Engineering, Cybersecurity or a related field or equivalent practical experience.
- Proven track record completing customer security questionnaires, vendor assessments, and conducting security RFI responses.
- Working knowledge of GRC frameworks and standards: Familiarity with SOC 2, ISO 27001, NIST frameworks, HIPAA, and compliance assessment practices.
- Strong technical security foundation: Understanding of cloud architecture (AWS, GCP, Azure), application security, access controls, encryption, logging, incident response, and data protection sufficient to answer technical questions credibly.
- Excellent written and verbal communication: Ability to explain complex security topics clearly to both technical and non-technical audiences. Skill in adapting communication style for different customers and contexts.
- Queue management and SLA discipline: Comfort with ticketing systems, managing multiple concurrent requests, tracking dependencies, and prioritizing work.
- Collaborative mindset and cross-functional teamwork: Ability to work effectively with sales, customer success, product security, and engineering teams. Strong at seeking help when needed and escalating appropriately.
- Eligible to work in the United States.
Benefits
- Employer subsidized medical/vision and dental coverage for full-time employees
- 401k Match to help you save for your future (50% of your contribution up to the first 6% of your eligible pay)
- Monthly stipend to support your work and productivity
- Flexible Time Away Program, plus Sick Time Off
- US employees are automatically covered under Smartsheet-sponsored life insurance, short-term, and long-term disability plans
- US employees receive 12 paid holidays per year
- Up to 24 weeks of Parental Leave
- Personal paid Volunteer Day to support our community
- Opportunities for professional growth and development including access to Udemy online courses
- Company Funded Perks, including a counseling membership, local retail discounts, and your own personal Smartsheet account
- Teleworking options from any registered location in the U.S. (role specific)
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Senior SAP Security Consultant – GRC/AC
Mollica ITRecrutando talentos de tecnologia & conectando histórias
• Gather and analyze requirements together with business areas; • Convert functional requirements into technical requirements, preparing high- and low-level architecture documents; • Participate in alignment meetings and requirements-gathering sessions with business users; • Facilitate Fit-to-Standard workshops; • Validate requirements in the system and in the SAP Fiori application library, ensuring end-to-end coverage of functionalities in Solution & Architecture documents; • Execute exploratory testing to ensure consistency of functional design documents; • Update design documents during functional testing, defect remediation, integration testing, and UAT; • Create, review, and update SAP authorization concepts; • Contribute to the creation and review of training materials; • Provide support during Hypercare activities; • Perform other routine activities within the area.
• Support the onboarding of new third-party vendors into the organization's Third-Party Risk Management (TPRM) program. • Review vendor intake requests to ensure required information is complete and accurate. • Coordinate the distribution, collection, and tracking of vendor security questionnaires and assessment documentation. • Monitor vendor assessment progress and proactively follow up on outstanding questionnaires, evidence requests, and documentation. • Maintain accurate assessment records and workflow updates within the ServiceNow platform. • Collect, organize, and maintain vendor security documentation, including policies, certifications, and supporting evidence. • Coordinate remediation efforts by tracking identified security gaps and following up on corrective actions. • Validate vendor security controls and supporting documentation against established security requirements. • Support vendor risk tracking, reporting, and status updates for internal stakeholders. • Assist with daily operational activities within the Third-Party Risk Management program as assigned by the TPRM Manager. • Ensure all assigned work is completed according to established priorities and timelines.
Senior Security Engineer, Infrastructure Security
JuicywayJuicyway makes it easy for everyone to participate in the global economy
Role Description The Security and Infrastructure team protects Juicyway's technology, people, and products. We are technical in what we build but operational in how we work, and we are committed to supporting every product and every bold bet Juicyway makes. Our tenets are simple: prioritise for impact, prepare the foundations for transformative financial technology, and build a security culture that runs deeper than policy. Tasks The problem you'll be solving: - Financial infrastructure is one of the most targeted surfaces on the internet. - InfraSec protects the foundations of Juicyway's production and experimental environments. - This role exists to lead that function, actively hardening it. - You will be the senior security voice in a technical team that takes this seriously. What you'll own - Designing and building security controls across every layer of the stack; physical hardware, OS, Kubernetes, networks, and CI/CD pipelines. - Hardening our multi-cloud infrastructure end to end, including network isolation, secret management, and checkpoint encryption. - Protecting our API services against common and emerging threats. - Securing and monitoring our distributed workforce device fleet; endpoint protection and robust IAM. - Partnering with engineering teams to deploy security enhancements at scale. - Leading our compliance work; PCI DSS, SOC 1 and 2, and routine penetration tests. - Taking a generalist approach to emerging workloads. - Building the security culture across the engineering org. Qualifications - Deep expertise in cloud security — AWS and/or Azure. - Proven experience securing Kubernetes environments, container orchestration, and service meshes. - Solid track record with secret management, IAM, machine identity, and access control at scale. - Hands-on experience with compliance frameworks; PCI DSS and SOC 1 and 2 specifically. - Strong analytical instincts. - The communication skills to work across technical and non-technical stakeholders without losing precision. - Bonus: experience securing cryptocurrency systems; background in financial services or regulated industries; familiarity with endpoint protection tooling and workforce device management. - Be based in Nigeria. Benefits - Competitive pay. - Meaningful equity at an early stage. - Real flexibility on hours, location, and how you do your best work. - A technical team that takes security seriously and will actually listen to you.
• Owning, shaping, and running proof-of-concepts, beta programs, and pre-sales activities with customers and partner teams on the Israeli market • Diving into enterprise architecture discovery and hands-on software configuration • Strategizing with and assisting customers as they move to more agile, secure, identity centric security models • Taking a consultative approach to solutions and solving challenges around next generation security transformation • Educating and enabling internal teams and partners regarding our Enterprise solution portfolios to motivate effective sales strategies • Influencing product roadmaps and ensuring the inclusion of business priorities and requirements of customers




