Airbnb

Senior Staff Engineer – Security Compliance

full-time

Location Type: Remote

Location: United States

Salary

💰 $244,000 - $305,000 per year

About the role

  • Own and evolve the security compliance engineering roadmap, aligning security controls with business priorities and risk appetite.
  • Serve as a technical authority on security compliance domains (e.g., SOC 2, ISO 27001, PCI DSS, SOX, GDPR/Privacy adjacent controls, internal security standards).
  • Define control objectives, success metrics, and maturity models; drive improvements through measurable outcomes.
  • Partner to design and implement scaled, easily testable controls (preventive/detective) across Airbnb’s technical environments and business processes.
  • Drive building and maintaining evidence automation and continuous compliance mechanisms (e.g., control monitoring, configuration validation, policy-as-code, automated attestations).
  • Partner with platform teams to embed compliance requirements into existing paved paths, limiting bespoke workflows and implementations.
  • Work closely with security policy, risk, compliance, and broader audit functions to define relevant assessment and audit plans for needed areas, ensuring they are testable, repeatable, and low-friction.
  • Lead complex, cross-org initiatives to remediate control gaps and reduce audit burden through engineering-first solutions.
  • Provide consultation and hands-on support for product launches, architectural reviews, and high-risk changes requiring compliance alignment.

Requirements

  • 12+ years of experience in security engineering, compliance engineering, platform security, or related domains (or equivalent practical experience)
  • BS, MS or PhD in CS or related field is preferred
  • Proven experience leading large-scale, cross-functional security or compliance initiatives with measurable outcomes.
  • Strong understanding of at least two of the following frameworks/areas:
      • SOC 2 / ISO 27001
      • PCI DSS
      • SOX ITGC / access controls
      • Cloud security controls (AWS/GCP), IAM, logging/monitoring
      • Secure SDLC controls, vulnerability management, change management
  • Demonstrated ability to translate compliance requirements into practical engineering deliverables (systems, automation, monitoring, workflows).
  • Strong written and verbal communication skills; ability to drive alignment across Engineering, Security, and GRC stakeholders.

Benefits

  • This role may also be eligible for bonus, equity, benefits, and Employee Travel Credits.