Trust and Safety Engineer jobs in United States

SpotOn · 4 hours ago

Trust and Safety Engineer

SpotOn is a company dedicated to providing independent restaurants with the tools they need to succeed. They are seeking a Trust & Safety Engineer to enhance their eCommerce platform's security and compliance by building and automating security controls while ensuring adherence to regulatory standards.
Mobile Payments, Payments, Sales Automation, Software
H1B Sponsor Likely

Responsibilities

Lead security incident response efforts, including containment, investigation, root cause analysis, and post-incident reviews. You must be able to organize complex information, initiate response workflows, and confidently lead calls with key stakeholders
Manage and monitor endpoint security tools (e.g., CrowdStrike). You must be familiar with modern security requirements for managed devices including laptops, containerized resources, servers, and mobile devices
Operate and enhance security monitoring and alerting across cloud, SaaS, endpoint, and identity environments
Triage and investigate security alerts related to access misuse, policy violations, suspicious activity, and data exposure
Maintain and tune SIEM detections, alert thresholds, and response playbooks
Leverage AI tools and technologies to enhance Security Operations
Lead the technical requirements to enable automation capabilities to improve time-to-respond, evidence collection, and overall efficacy for visibility and reporting
Implement and automate compliance workflows by building integrations that support SOC 2, ISO 27001, PCI DSS, and privacy initiatives
Ensure evidence is collected automatically and control performance is continuously validated
Translate policies into technical solutions, and annually maintain policies to ensure they remain current with evolving business and regulatory needs
Evaluate risk posture and technical requirements for third-party vendors to ensure alignment with internal trust and security standards
Identify areas for AI tools and technologies to enhance GRC functions
Engineer and maintain data protection controls—including encryption, logging, access management, data retention, and proper storage and segregation of PII
Conduct periodic user access reviews and implement least-privilege access controls and privileged access workflows
Detect and investigate insider risk indicators and anomalous access patterns
Secure by Design: Partner with product, engineering, and IT teams to embed compliance-by-design principles into new systems and business processes

Qualification

Security Engineering, Compliance Automation, Incident Response, Cloud Security, Scripting, SIEM Administration, CISSP Certification, AI Tools, Risk Management, Soft Skills

Required

3–7 years of experience in security engineering, compliance automation, Security Operations, or GRC-aligned roles in a SaaS or eCommerce environment
Bachelor's degree in Computer Science, Cybersecurity, Information Systems, or related field (or equivalent experience)
Hands-on experience implementing and administering endpoint management & security technologies
Understanding of compliance frameworks including SOC 2, PCI DSS, GDPR, and CCPA
Hands-on experience securing cloud platforms and SaaS management tools
Proficiency in scripting (Python, PowerShell, Bash)
Experience leveraging AI tools and technologies to create opportunities for optimization, automation, and intelligent use of data integrations
Experience administering a SIEM, alerting, and incident response workflows
Experience with compliance automation platforms (e.g., Drata)
Background in risk scoring or control maturity frameworks
Comfortable leading large calls with key stakeholders and explaining technical controls to non-technical audiences
A bias for action; you are a self-starter comfortable working autonomously
Possess intellectual curiosity at all times
Desire to build and maintain relationships across the business including both technical and non-technical teams

Preferred

Certifications: CISSP is preferred but not required

Company

SpotOn provides mobile payment technology and a management system for restaurants and small businesses.

H1B Sponsorship

SpotOn has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is provided below for your reference. (Data Powered by US Department of Labor)
Trends of Total Sponsorships
2025 (7)
2024 (3)
2023 (5)
2022 (7)
2021 (2)
2020 (2)

Funding

Current Stage: Late Stage
Total Funding: $918M
Key Investors: Dragoneer Investment Group, Andreessen Horowitz, DST Global
2022-05-18: Series F · $300M
2021-09-13: Series E · $300M
2021-05-25: Series D · $125M

Leadership Team

Zach Hyman, Co-Founder
Mark Walz, Chief Technology Officer
Company data provided by crunchbase