We are seeking a highly skilled and motivated Security, Compliance, Service Governance, and FinOps Engineer to join our Platform Engineering Team. This role is critical in ensuring that our developer platform adheres to security, compliance, and governance standards for Europe and North America while also managing FinOps practices to optimize cloud cost efficiency. The person in this role will work closely with engineering teams to implement security best practices, ensure regulatory compliance, enforce service governance policies, and drive cost optimization.
Key Responsibilities
Security & Compliance:
Implement security best practices within the platform, ensuring alignment with industry standards (ISO 27001, SOC 2, NIST, etc.).
Enforce regulatory compliance with GDPR, CCPA, and other region-specific privacy regulations.
Conduct risk assessments and vulnerability management within the platform.
Collaborate with security teams to design and integrate zero-trust architectures and IAM policies.
Service Governance:
Define and enforce governance policies for service publishing and consumption.
Ensure API and microservices security compliance (OAuth, OpenID Connect, API gateways).
Monitor service reliability, availability, and SLA compliance.
FinOps & Cloud Cost Optimization:
Develop and implement FinOps strategies to optimize cloud usage and reduce costs.
Monitor and analyze cloud expenditures to provide insights and recommendations for cost savings.
Collaborate with finance and engineering teams to establish budget controls and forecasting for cloud resources.
Implement automation for cost management, including auto-scaling, resource tagging, and anomaly detection.
Automation & Monitoring:
Automate compliance and governance checks using tools like OPA, Terraform, Kubernetes policies (Kyverno, Gatekeeper), and CI/CD security scanning tools.
Implement observability tools for audit logging, security monitoring, and anomaly detection.
Collaboration & Stakeholder Engagement:
Work closely with engineering, DevOps, and security teams to embed compliance into the software development lifecycle.
Provide training and best practice guidelines to developers on security, governance, and FinOps.
5+ years of experience in security, compliance, governance, or FinOps within a cloud-based platform environment.
Strong understanding of cloud security principles (AWS, Azure, or GCP).
Hands-on experience with CI/CD security tools (e.g., Snyk, SonarQube, Aqua Security, Prisma Cloud).
Proficiency in infrastructure-as-code (IaC) (Terraform, CloudFormation) and security automation.
Familiarity with Kubernetes security (Pod Security Policies, RBAC, network policies).
Knowledge of regulatory compliance standards (GDPR, SOC 2, ISO 27001, NIST 800-53).
Experience with IAM, RBAC, and policy-based security controls.
Strong scripting skills (Python, Bash, or similar) for automation.
Experience with FinOps tools (AWS Cost Explorer, Azure Cost Management, GCP Cost Analysis) and cloud financial management best practices.
Excellent problem-solving and communication skills.
Certifications such as CISSP, CISM, AWS Security Specialty, CKS, or FinOps Certified Practitioner.
Experience with service mesh technologies (Istio, Linkerd) for governance.
Exposure to DevSecOps methodologies and security-as-code principles.
Prior experience working in regulated industries (finance, healthcare, etc.).
Ensuring Compliance: With evolving privacy laws (GDPR, CCPA, etc.) in Europe and North America, a dedicated role is essential to maintain compliance.
Security Risk Mitigation: As the platform scales, ensuring secure CI/CD pipelines and service publishing reduces vulnerabilities.
Service Governance: Standardized governance enhances interoperability, security, and reliability of published services.
FinOps Efficiency: Optimizing cloud costs and ensuring financial governance is crucial to managing infrastructure expenditures effectively.
Developer Enablement: Providing automated security, compliance, and cost governance frameworks allows developers to focus on innovation while adhering to best practices.
About Trimble:
Trimble is a leading provider of advanced positioning solutions that maximize productivity and enhance profitability for our customers. We are an exciting, entrepreneurial company, with a history of exceptional growth coupled with a disciplined and strategic focus on being the best. While GPS is at our core, we have grown beyond this technology to embrace other sophisticated positioning technologies and, in doing so, we are changing the way the world works. Those who successfully lead others to meet our objectives are vital to our organization. Leadership at Trimble is much more than simply exercising assigned authority; we expect our leaders to embrace a mission-focused leadership style, demonstrating the strength of character, intellect and the ability to convert ideas to reality. www.trimble.com
Trimble Chennai, Tamil Nadu, IND Office
Rajiv Gandhi Street, Chennai, Tamil Nadu, India, 600113
Trimble Tharamani, Tamil Nadu, IND Office
No. 4 Rajiv Gandhi Salai, Tharamani, Chennai, India, 600 113