What are the responsibilities and job description for the Founding Security Engineer – Governance, Risk & Compliance (GRC) position at Sift?
About Sift
At Sift, we’re redefining how modern machines are built, tested, and operated. Our platform provides engineers with real-time observability over high-frequency telemetry, eliminating bottlenecks and enabling faster, more reliable development.
Sift was born from our work at SpaceX on Dragon, Falcon, Starlink, and Starship—where scaling telemetry, debugging flight systems, and ensuring mission reliability demanded new infrastructure. Founded by a team from SpaceX, Google, and Palantir, Sift is built for mission-critical systems where precision and scalability are non-negotiable.
About The Role
As Sift’s founding Security & Compliance Engineer, you will not just maintain a security checklist; you will define the posture, architecture, and practices that keep our products and infrastructure secure in the most demanding environments.
You will be both hands-on and strategic, building controls, automating compliance, and working directly with customers, auditors, and internal teams to inspire confidence in our platform.
The Security & Compliance Engineer will own Sift’s security posture end-to-end, blending technical security engineering with governance, risk, and compliance leadership. You will set the standard for how we protect our systems and data, ensuring we are ready to meet and exceed the expectations of aerospace, defense, and enterprise customers.
This is a high-visibility, high-ownership role: you will be Sift’s first security hire, laying the foundation of our security program and growing it into a dedicated function as the company scales.
In This Role, You’ll
Technical Security
The Skillset You’ll Bring:
Sift’s headquarters is in El Segundo, CA. We collaborate in person twice a week—on Mondays and Thursdays—and come together for a full week every two months. While we prefer team members to be local, we’re open to relocating candidates to LA or considering remote work from the San Francisco area for the right candidate.
Salary range: $170,000 - $220,000 per year. Plus equity and benefits.
Eligibility
U.S. Person Required: Must be a U.S. citizen, lawful permanent resident, or protected individual such as an asylee or refugee in compliance with ITAR (International Traffic in Arms Regulations) / EAR (Export Administration Regulations) regulations.
At Sift, we’re redefining how modern machines are built, tested, and operated. Our platform provides engineers with real-time observability over high-frequency telemetry, eliminating bottlenecks and enabling faster, more reliable development.
Sift was born from our work at SpaceX on Dragon, Falcon, Starlink, and Starship—where scaling telemetry, debugging flight systems, and ensuring mission reliability demanded new infrastructure. Founded by a team from SpaceX, Google, and Palantir, Sift is built for mission-critical systems where precision and scalability are non-negotiable.
About The Role
As Sift’s founding Security & Compliance Engineer, you will not just maintain a security checklist; you will define the posture, architecture, and practices that keep our products and infrastructure secure in the most demanding environments.
You will be both hands-on and strategic, building controls, automating compliance, and working directly with customers, auditors, and internal teams to inspire confidence in our platform.
The Security & Compliance Engineer will own Sift’s security posture end-to-end, blending technical security engineering with governance, risk, and compliance leadership. You will set the standard for how we protect our systems and data, ensuring we are ready to meet and exceed the expectations of aerospace, defense, and enterprise customers.
This is a high-visibility, high-ownership role: you will be Sift’s first security hire, laying the foundation of our security program and growing it into a dedicated function as the company scales.
In This Role, You’ll
Technical Security
- Build secure CI/CD pipelines with embedded scanning.
- Operate and tune SIEM/EDR (ELK, Datadog, Splunk, CrowdStrike, Prometheus, Grafana). Secure multi-cloud environments (AWS GovCloud, Kubernetes, on-prem).
- Implement zero-trust networking and modern SASE/ZTNA approaches.
- Improve visibility and observability across networks and workloads.
- Lead compliance initiatives: SOC 2, ISO 27001, NIST 800-171, FedRAMP, CMMC.
- Manage third-party/vendor risk assessments.
- Own internal/external audits and readiness for customer/government reviews.
- Lead company-wide security awareness: phishing simulations, compliance workshops, and role-specific training.
The Skillset You’ll Bring:
- 5 years in cybersecurity, product security, or cloud security roles, ideally in high assurance or regulated industries.
- Hands-on experience securing AWS or an equivalent cloud service provider (GovCloud preferred) and Kubernetes-based environments, with strong infrastructure as code practices.
- Proven track record leading or supporting compliance initiatives such as SOC 2, NIST 800-171, CMMC, FedRAMP, or ISO 27001.
- Deep understanding of network, endpoint, and identity security principles.
- Experience with security tooling and integration into operational workflows.
- Ability to translate compliance requirements into clear, actionable engineering work.
- Experience managing third-party/vendor risk and customer-facing security reviews.
- Clear communicator with both technical and non-technical stakeholders.
- Customer-facing presence for audits and enterprise assurance.
- Collaborative partner to infra and product teams.
- High ownership and adaptability in ambiguous, fast-moving environments.
- Integrity and trustworthiness, handling sensitive data, and compliance matters with discretion.
- Excited to operate as a team of one early on, with the vision to build and lead a security function over time.
Sift’s headquarters is in El Segundo, CA. We collaborate in person twice a week—on Mondays and Thursdays—and come together for a full week every two months. While we prefer team members to be local, we’re open to relocating candidates to LA or considering remote work from the San Francisco area for the right candidate.
Salary range: $170,000 - $220,000 per year. Plus equity and benefits.
Eligibility
U.S. Person Required: Must be a U.S. citizen, lawful permanent resident, or protected individual such as an asylee or refugee in compliance with ITAR (International Traffic in Arms Regulations) / EAR (Export Administration Regulations) regulations.
Salary : $170,000 - $220,000