Job Title: IT Security EngineerLocation: Remote (Portugal, Spain, Bulgaria, Romania)Type: Full-timeAbout UsOraion is your single source of truth for enterprise data.
Oraion uses agentic AI to turn structured and unstructured enterprise data into non-obvious insights, instantly.Oraion helps you make faster, more informed decisions and even automate complex tasks, all through a self-serve, chat-based AI agent embedded in your existing workflow such as Slack, Teams or via our Enterprise Intelligence Platform.We're looking for an IT Security Engineer to help us build and scale a secure, enterprise-grade platform that customers can trust with their most sensitive data.About the RoleAs an IT Security Engineer at Oraion, you'll play a critical role in safeguarding our infrastructure, systems, and customer data across a cloud-based environment with strong tenant isolation.You'll work across security operations, cloud security, and compliance, helping us strengthen our security posture as we scale globally.
This includes implementing controls aligned with SOC 2 Type II, supporting audits, and ensuring best-in-class security practices across the organization.In addition to security, this role will also support broader IT and DevOps initiatives, contributing to infrastructure reliability, internal systems, and operational efficiency.
As a small and fast-moving team, we value engineers who are comfortable working across domains and taking ownership beyond a single function.This is a hands-on role where you'll collaborate closely with engineering, product, and operations teams to embed security into everything we build, without slowing down innovation.ResponsibilitiesDesign, implement, and maintain security controls across cloud infrastructure (AWS and GCP) and internal systemsOwn and improve identity and access management (IAM), including role-based access and least privilege enforcementMonitor, detect, and respond to security incidents and vulnerabilities across systems and endpointsManage and improve security tooling (e.g., endpoint protection, vulnerability scanners, SIEM, logging systems)Support SOC 2 Type II compliance efforts, including control implementation, evidence collection, and audit readinessConduct regular security assessments, vulnerability scans, and penetration test follow-upsDefine and enforce security policies, procedures, and best practices across the companyPartner with engineering teams to ensure secure system design, secure coding practices, and infrastructure hardeningManage third-party risk and vendor security reviewsDrive security awareness and training across the organizationContinuously improve monitoring, alerting, and incident response processesSupport IT and DevOps-related tasks, including infrastructure management, internal tooling, and system reliability as neededRequirements3+ years of experience in IT security, cloud security, or security engineering rolesStrong experience securing cloud environments, particularly AWS and/or GCP (IAM, networking, logging, encryption)Hands-on experience with cloud-native security tools (e.g., AWS Security Hub, GuardDuty, GCP Security Command Center, Cloud Logging)Solid understanding of security frameworks and standards (SOC 2, ISO *****, GDPR)Experience with identity and access management (SSO, MFA, RBAC/ABAC)Hands-on experience with security tools (e.g., vulnerability scanners, EDR, SIEM, monitoring tools)Familiarity with incident response and security operations workflowsUnderstanding of network security, application security, and infrastructure security principlesAbility to balance security with speed in a fast-paced startup environmentStrong communication skills and ability to work cross-functionallyFluent in EnglishBonus PointsExperience working in a SOC 2 Type II environment or supporting audits with tools like VantaExperience securing single-tenant SaaS platformsFamiliarity with DevSecOps practices and CI/CD securityExperience with compliance automation tools (e.g., Vanta, Drata)Knowledge of data security and encryption best practicesExposure to AI/ML systems security or data governanceStartup experience or experience in high-growth environmentsWhat We OfferGround-floor opportunity to shape security at a fast-growing AI startupHigh-impact role with ownership across security and complianceCollaborative team across engineering, product, and operationsCompetitive compensationRemote-friendly, flexible working cultureOpportunity to work on cutting-edge AI products handling complex enterprise data