Job Specifications
Your Impact at Lila
Cloud Security & Compliance Lead is responsible for the end-to-end security, governance, risk management, and regulatory compliance of Lila Sciences’ cloud environments and research workflows. You’ll own cloud security architecture, policy frameworks, data protection, and compliance programs across multi-cloud and on-premises contexts as appropriate. You’ll partner with Engineering, Data Science, IT, Legal, and Compliance to codify secure patterns, enable rapid yet safe experimentation, and maintain a robust governance program with auditable evidence for regulators and customers.
What You'll Be Building
Cloud Security Architecture & Governance
Define and maintain cloud security strategy, reference architectures, and security baselines for public cloud (AWS, Azure, GCP) and hybrid deployments.
Implement secure-by-default patterns for CI/CD is intentionally out of scope; focus on secure design patterns for cloud resources, data flows, and analytics.
Establish IAM least privilege, network segmentation, private endpoints, key/secret management, and centralized logging across AWS, Kubernetes (where applicable), and cloud-native services.
Governance, Compliance & Risk Management
Develop, implement, and continuously improve policies, standards, and procedures aligned to applicable frameworks (e.g., NIST CSF, NIST 800-53, FedRamp, ISO 27001, SOC 2, GDPR/CCPA).
Lead data protection program: data classification, data minimization, data retention, and data lifecycle management; oversee DLP strategies where relevant.
Manage third-party risk assessments, vendor security questionnaires, and contract security annexes; maintain evidence for audits.
Security Controls & Monitoring
Define and oversee security controls across cloud resources, including identity, access management, encryption, key management, log collection, and telemetry.
Collaborate with Security Operations to establish monitoring, alerting, incident response coordination, and evidence collection for audits.
Compliance & Audit Readiness
Prepare for internal and external audits; map controls to frameworks and translate them into engineering artifacts and evidence.
Maintain alignment with SOC 2, ISO 27001, and other regulatory requirements, coordinate with Legal and Privacy on data protection controls.
Data, ML/AI Security & Privacy
Ensure secure data movement, storage, and access patterns; implement data lineage and isolation for training vs. inference in ML workflows.
Address privacy-by-design considerations in data science processes; oversee secure handling of sensitive datasets.
Collaboration & Enablement
Partner with Engineering, IT, Legal, and Commercial teams to ensure cohesive risk management.
Provide security training and awareness for engineering, data science, and product teams; translate security requirements into actionable tasks.
Evidence & Documentation
Create and maintain security documentation, runbooks, policies, and evidence packs suitable for audits and regulator requests.
What You’ll Need To Succeed
Education: Bachelor’s degree in computer science, Information Security, Cybersecurity, Engineering, or related field. Masters preferred.
Experience: 5–8+ years in cloud security, information security, or a related role; hands-on experience with cloud environments (AWS, Azure, GCP) and Kubernetes is a plus; experience in governance, risk, and compliance activities.
Certifications: CISSP, CISM, CCSK, ISO 27001 Lead Auditor, SOC 2 Practitioner, or cloud security certifications are desirable.
Technical Skills: Strong understanding of cloud architectures, IAM, encryption, KMS, secret management, data protection, and network security.
Familiarity with Kubernetes concepts and security considerations (RBAC, network policies, pod security standards) as they apply to governance and compliance contexts.
Experience with policy frameworks and policy-as-code concepts (OPA, Kyverno, Checkov) for governance and automated compliance checks.
Knowledge of SBOMs, software supply chain concepts, artifact signing (Cosign/Sigstore), and SBOM generation.
Familiarity with audit-ready control mapping, risk assessment, and remediation tracking.
Soft Skills: Excellent communication, stakeholder management, and the ability to translate complex security requirements into actionable business and engineering tasks.
Bonus Points For
Experience with data-intensive research environments, HPC, or bioinformatics workloads.
Familiarity with privacy by design, data governance, and model governance in ML/AI contexts.
Prior startup or high-growth experience enabling developer velocity with strong guardrails; knowledge of Sigstore/Cosign and SLSA concepts for software supply chain integrity.
Experience with at least one modern programming language (Python, Go, Rust, JavaScript) for automation or tooling.
About Lila
Lila Sciences is the world’s first scientific superintelligence platform and autonomous lab for life, chemistry, and materials science