Information Security Engineer

Globality was founded with a simple but ambitious goal: to use AI to transform enterprise spending into a smarter, fairer process—creating more efficient, inclusive markets worldwide. Today, our AI-driven solution is reshaping how enterprises spend, turning procurement into a guided, insight-led process that’s easier for everyone, open to anyone, and better for business.

At the forefront of enterprise AI, Globality optimizes spending, drives efficiency, and guarantees bottom-line impact. Our culture is built on Trust, Collaboration, and Innovation, fostering an environment where every individual feels valued and included. Bring your expertise, passion, and perspective—together, we’re shaping the future of enterprise spending.

Role Summary:

As an Information Security Engineer, you will leverage your strategic and operational security expertise to assess risks, enforce governance, and ensure compliance across the organization. Your role will focus on risk identification and mitigation, emphasizing collaboration and cross-functional trust.

This is a hybrid position that requires at least 3 days a week in our Palo Alto HQ. 

What you will be doing:

• Ensure compliance with security and privacy regulations, including ISO 27001 and SOC 2 Type 2
• Refresh policies, manage exceptions, and maintain documentation
• Host ISSC, MRM, and AI governance meetings
• Develop and manage security risk programs, assessments, and metrics
• Oversee network security, threat intelligence, phishing reports, and external security tests
• Perform DPO activities (DSARs, GSARs) and conduct DPIAs
• Lead internal audits, track findings, and manage remediation
• Prepare risk reports and dashboards
• Implement business continuity, IT, and enterprise risk management programs
• Oversee web security, malware protection, SAST, DLP, and code dependency analysis
• Improve ISQ processes, conduct classifications, and refresh DD/RAs
• Approve applications, review DPAs, and track remediation
• Manage incident triage and remediation
• Drive and maintain all information security-related certifications, ensuring they are up to date

 What we are looking for: 

• 3+ years of experience in security governance, risk, and compliance
• Proven experience performing security audits, particularly ISO 27001 and SOC 2
• Proficiency with eGRC systems and enterprise risk assessments
• Familiarity with security frameworks such as ISO 27001, SOC 2 Type 2, and CSA STAR
• Strong program management skills, including process development and implementation
• Experience coordinating with internal and external auditors to drive security compliance
• Ability to thrive in a fast-paced environment and manage multiple security tasks simultaneously
• Adaptability to shifting priorities and timelines
• Excellent written, verbal, and technical program management skills
• Openness to new ideas and a willingness to innovate

The anticipated annual pay scale for this position is $115,000 -$185,000. Actual salaries will vary depending on factors including but not limited to location, experience, and performance. The range listed is just one component of Globality's total compensation package for employees. This information is provided per the California Equal Pay Act. We are an equal opportunity employer and a participant in the E-Verify program. We believe diversity makes teams better and that discrimination based on race, gender, or anything else is self-defeating.