Security Engineering Lead

At ASI, we are revolutionizing industries with state-of-the-art autonomous robotics solutions. Within the fields of agriculture, construction, landscaping, and logistics, we deliver technologies that enhance safety, productivity, and efficiency. With our core values of Simplicity, Safety, Transparency, Humility, Attention to Detail, Autonomy and Growth guiding everything we do, we're shaping the future of automation in dynamic markets.

As a Security Engineering Lead, you will build and own ASI's entire security posture, from the technical controls that prevent and detect threats to the compliance programs that define credibility with enterprise customers. You own SOC 2 Type II and ISO 27001 certification programs end-to-end, operate SIEM and EDR tooling, and maintain the GRC framework that keeps the company audit-ready at all times. You are the founding pod lead for Security and Compliance, the primary interface to Legal, Finance, and external auditors, and the person who recruits and develops the Security Engineer rounding out your team.

Responsibilities

• Own the security roadmap, risk register, and compliance program for the company.

• Drive SOC 2 Type II and ISO 27001 certification end-to-end, from initiation through audit.

• Serve as the primary security liaison to Legal, Finance, and external auditors.

• Implement and operate SIEM, EDR, and identity security tooling enterprise wide.

• Manage MFA enforcement, access reviews, and privileged access controls.

• Lead the vulnerability management program and coordinate penetration testing.

• Define and enforce the OT/IT security boundary policy with the OT pod.

• Maintain incident response playbooks and lead post-incident reviews.

• Maintain continuous audit evidence as an operational practice, not a point-in-time exercise.

• Recruit, develop, and lead the Security Engineer as the pod scales.

Qualifications

• Bachelor's degree in Computer Science, Information Security, Information Technology, or a related field.

• 7+ years in security engineering, security operations, or a combined security and GRC role.

• Hands-on SOC 2 Type II or ISO 27001 audit cycle ownership, initiation through certification.

• Deep fluency in SIEM platforms (Splunk, Microsoft Sentinel, or Sumo Logic) and EDR tooling.

• Demonstrated expertise in IAM: zero-trust architecture, least privilege, MFA, and access lifecycle management.

• Experience defining and operating vulnerability management programs and coordinating penetration tests.

• Proven cross-functional partnership with Legal, Finance, and engineering on security and compliance.

• Experience recruiting, developing, and leading technical security teams.

• CISSP, CISM, or equivalent security credential, or willingness to pursue certification.

Physical Requirements

• Ability to remain in a stationary position at a computer workstation for extended periods.

• Ability to operate a computer and other office productivity equipment continuously.

• Ability to communicate and exchange information in person, via phone, and through electronic means.

• Ability to traverse office, lab, data center, and field environments as required.

At Autonomous Solutions, Inc. (ASI), we are committed to fostering a diverse, inclusive, and equitable workplace where all employees and applicants have equal opportunities. We prohibit discrimination and harassment of any kind based on race, color, religion, sex, national origin, age, disability, genetic information, veteran status, sexual orientation, gender identity, or any other legally protected characteristic. ASI complies with all applicable federal, state, and local laws regarding non-discrimination in employment and is dedicated to providing reasonable accommodations for individuals with disabilities throughout the hiring process.