Security & Compliance Engineer

BLP Digital is redefining ERP automation with agentic AI. Spun out of ETH Zurich and HSG, we build AI agents that automate finance, procurement, logistics, sales, and more for some of the world's largest enterprises. We solve real enterprise problems with cutting-edge technology and a strong sense of ownership.

Our solution is live in 40+ countries, used by 20,000+ daily active users, and automates 70,000+ processes every day, including for Fortune 500 companies. As one of Switzerland's fastest-growing SaaS scaleups, our success stems from deep expertise in technology and business processes, delivering a product with outstanding product-market fit, proven by a growing global customer base.

We've recently welcomed Goldman Sachs Alternatives as a growth investor, and we're now expanding into the UK with the launch of our London office. We are just getting started. Ready to build the future? Join BLP Digital today.

You'll be BLP's single owner of security and compliance end to end. Working directly alongside the CTO, you'll keep our ISO 27001 and SOC 2 certifications in good standing, unblock enterprise deals through fast and credible security responses, and reduce manual compliance work through smart automation.

This role sits at the intersection of engineering, compliance, and enterprise sales. You'll have real autonomy and real impact from day one.

• →

  Own security and compliance across the entire company — certifications, infrastructure, customer-facing security, and internal tooling.

• →

  Own and maintain our ISO 27001 and SOC 2 certifications — audits, evidence collection, and continuous compliance.

• →

  Lead customer-facing security questionnaires during enterprise sales cycles, representing BLP's security posture independently and credibly.

• →

  Maintain and improve security documentation: internal policies, controls, and runbooks.

• →

  Drive remediation tasks arising from audits and penetration tests.

• →

  Build internal AI tooling to automatically answer security questionnaires and systematically reuse existing knowledge.

• →

  Improve and secure our AWS / GCP infrastructure.

• →

  Contribute to CI/CD pipelines, build infrastructure, and AWS migration initiatives.

• →

  Work closely with the CTO on security strategy, infrastructure decisions, and the compliance roadmap.

• Direct ownership — you are the single point of accountability for security and compliance across a global SaaS platform with 20,000+ daily users.

• Work directly with the CTO on strategy, not just execution.

• Build AI-powered internal tooling that eliminates repetitive compliance work.

• Autonomy and ownership from day one, in a fast-moving but highly technical environment.

• Remote-friendly with a senior, engineering-focused culture.

• Bachelor’s or Master’s degree in Computer Science, Information Security or equivalent practical experience

• 4+ years of experience in a DevOps, cloud, or security engineering role.

• Hands-on experience owning or co-owning an ISO 27001 or SOC 2 certification — you've lived the audit cycle, not just observed it.

• Comfortable operating independently across compliance processes: audits, controls, documentation, and remediation.

• Confident representing the company's security posture in enterprise sales conversations.

• Practical experience with AWS and/or GCP infrastructure security.

• Strong interest in AI and automation — ideally with experience building internal tooling.

• Familiarity with Vanta or comparable GRC platforms is a plus.