Security & Compliance Engineer

About Nutrient

At Nutrient, we’re transforming how the world works with documents. Our tools turn static files into intelligent, integrated workflows that power mission-critical software for some of the world’s most innovative companies. From construction to legal tech, our customers use Nutrient to build faster, scale smarter, and replace outdated paper-based processes with secure, scalable document technology.


Our platform is trusted by thousands of organizations across 80+ countries, including Fortune 500 firms, governments, and industry pioneers, and supports nearly a billion end users globally.

Your Role at Nutrient...

We’re looking for a highly self-driven Security & Compliance Engineer who uses AI tools as a natural part of how they work. This is a broad, high-ownership role with two equally important sides: product security — vulnerability response, automation, and supply chain assurance — and compliance, where there’s a growing and ongoing need to build evidence workflows, respond to enterprise due diligence, and keep our posture current with an evolving regulatory landscape. A lot of this work will be solo, so the ability to self-manage, prioritize, and drive outcomes without hand-holding is essential.


We’re not looking for a unicorn with deep expertise in every domain — we’re looking for someone who learns fast, ships clean automation, and is genuinely excited about using AI to multiply their own capacity. You’ll be joining a lean, async-first team where your work will be directly visible, and where the expectation is measurable outcomes over activity.

What You'll Work On...

  • Own the vulnerability response loop end-to-end — intake, triage, dedupe, owner routing, remediation tracking, and closure — including supporting customer-facing security response workflows
  • Build and operate compliance workflows — evidence management, security questionnaire response libraries, audit coordination, and keeping our posture aligned with frameworks like SOC 2, ISO 27001, GDPR, DORA, and the EU AI Act
  • Build and maintain security automation across CI/CD and collaboration tooling (Buildkite, Jira, Slack) to route findings, reduce noise, track SLAs, and surface clear dashboards and reporting
  • Deliver a rotating queue of enterprise capability projects — SBOM/SCA workflows, SAST rollout with AI-assisted triage, infrastructure security posture improvements, and enterprise due diligence support
  • Use agentic AI and AI-assisted development as a core part of your workflow — with appropriate validation, testing, and guardrails — to accelerate delivery and stay at the cutting edge
  • Treat everything you ship as a product — runbooks, metrics, and maintainability so systems don’t become knowledge sinks and others can step in

What You'll Bring...

  • AI nativity — you use AI tools to accelerate your work as a matter of course, know how to validate outputs and build reliable agentic loops, and stay current with how the tooling is evolving
  • Speed of learning — you pick up new domains, languages, and systems quickly and are comfortable operating across a broad, polyglot environment without needing to be an expert in everything upfront
  • Strong self-management — you can own a queue of work independently, communicate progress clearly in writing, and drive outcomes without relying on meetings or close oversight
  • Software engineering fundamentals — experience shipping and maintaining automation, integrating systems via APIs (Jira, Slack, etc.), and working with CI/CD pipelines (Buildkite a plus; GitHub Actions, GitLab CI also fine)
  • Some security or compliance background — we’re intentionally broad here. Relevant experience could span vulnerability management, application security, cloud/infra security, compliance workflows, or audit coordination. Depth in one area is fine; curiosity across all of them matters more
  • Bonus: SBOM/SCA familiarity (CycloneDX, SPDX, Syft), SAST tooling experience, IaC/CSPM exposure, or hands-on experience with compliance frameworks and EU regulatory requirements

Who Thrives Here...

At Nutrient, we’re not just hiring for skills — we’re hiring for mindset. The people who thrive here are:

  • Collaborators: You collaborate openly, listen actively, and prioritize team success over ego.
  • Hungry Learners: Rapid learning fuels progress and career growth.
  • Curious Thinkers: You dig deep to uncover the “why,” valuing understanding over simply being right.
  • Self-Starters: You take action without waiting for direction, turning obstacles into opportunities with creativity and persistence.
  • Owners: You take responsibility for solutions and outcomes, always looking for ways to improve what’s within your control.
  • Doers: You’re energized by progress, motivated to create meaningful impact, and eager to tackle challenges.

Why You'll Love Working Here...

At Nutrient, we build tools that reshape how businesses and developers work with documents. Our culture is centered on continuous growth and collaboration — every team member has room to learn, innovate, and drive meaningful impact.


  • Mission-critical product — Nutrient’s platform is trusted by 15%+ of the Global 500 across 80+ countries. Security and compliance aren’t checkboxes here; they’re directly tied to enterprise revenue and customer trust.
  • AI-native from day one — we expect you to use the latest AI tools as a core part of your workflow. You’ll be at the forefront of how security engineering is evolving, not catching up to it.
  • Real ownership in a lean team — broad scope, high autonomy, and direct visibility into the impact of your work across a globally distributed engineering org.
  • Fully remote and async-first — minimal meetings, strong writing culture, and the independence to manage your own work.
  • Strong growth trajectory — tripled revenue and nearly doubled ARR year-over-year, backed by Insight Partners, with competitive comp and an annual global retreat.


Nutrient believes in equal opportunity. We employ people from many cultures and countries, celebrate diversity, and are committed to building a team that represents a variety of backgrounds, skill sets, and perspectives. We do not discriminate on the basis of race, color, religion, age, marital status, national origin, ancestry, physical or mental disability, medical condition, sexual orientation, gender identity or expression, or any other non-merit factor.

Let’s build the future of document technology together. 🚀

Engineering

Remote (United Kingdom)

Remote (Austria)

Remote (Spain)

Remote (NC, US)
