GoHighLevel

Security Engineer

Delhi Remote April 20, 2026 Lever

About us

HighLevel is an AI-powered business operating system that gives agencies, entrepreneurs and SMBs the infrastructure to build, automate and scale. Today, HighLevel supports SMBs across 150+ countries, fueling community-driven growth rooted in real customer outcomes.
To date, businesses operating on HighLevel have generated over $7 billion in ecosystem value, demonstrating the impact of shared infrastructure at scale. By centralizing conversations, automation and intelligence into one system, we help businesses move faster, reduce complexity and execute efficiently.
Behind the platform, HighLevel powers more than 4 billion API hits and 2.5 billion message events daily. With 250 terabytes of distributed data, 250+ microservices and over 1 million domain names supported, our architecture is built for performance, resilience and long-term scalability.

Our people

With over 2,000 team members across 10+ countries, HighLevel operates as a global, remote-first organization built for speed and ownership. We value initiative, clarity and execution, creating space for ambitious people to build systems that support millions of businesses worldwide. Here, innovation thrives, ideas are celebrated and people come first, no matter where they call home.

Our impact

Every month, HighLevel enables more than 1.5 billion messages, 200 million leads and 20 million conversations for the more than 1 million businesses we support. Behind those numbers are real people building independence, expanding opportunity and creating measurable impact. We’re proud to be a part of that.
Learn more about us on our YouTube Channel or Blog Posts

About us

HighLevel is an AI-powered business operating system that gives agencies, entrepreneurs and SMBs the infrastructure to build, automate and scale. Today, HighLevel supports SMBs across 150+ countries, fueling community-driven growth rooted in real customer outcomes.
To date, businesses operating on HighLevel have generated over $7 billion in ecosystem value, demonstrating the impact of shared infrastructure at scale. By centralizing conversations, automation and intelligence into one system, we help businesses move faster, reduce complexity and execute efficiently.
Behind the platform, HighLevel powers more than 4 billion API hits and 2.5 billion message events daily. With 250 terabytes of distributed data, 250+ microservices and over 1 million domain names supported, our architecture is built for performance, resilience and long-term scalability.

Our people

With over 2,000 team members across 10+ countries, HighLevel operates as a global, remote-first organization built for speed and ownership. We value initiative, clarity and execution, creating space for ambitious people to build systems that support millions of businesses worldwide. Here, innovation thrives, ideas are celebrated and people come first, no matter where they call home.

Our impact

Every month, HighLevel enables more than 1.5 billion messages, 200 million leads and 20 million conversations for the more than 1 million businesses we support. Behind those numbers are real people building independence, expanding opportunity and creating measurable impact. We’re proud to be a part of that.
Learn more about us on our YouTube Channel or Blog Posts

EEO Statement: 
 
The company is an Equal Opportunity Employer. As an employer subject to affirmative action regulations, we invite you to voluntarily provide the following demographic information. This information is used solely for compliance with government recordkeeping, reporting, and other legal requirements. Providing this information is voluntary and refusal to do so will not affect your application status. This data will be kept separate from your application and will not be used in the hiring decision.
 
#LI-Remote #LI-MS1

Responsibilities

  • Lead end-to-end PCI DSS compliance, including CDE scoping and reduction, control implementation/validation, and audit management (RoC/SAQ, QSAs).
  • Lead and support SOC 2 Type II attestation initiatives, including TSC mapping, evidence collection, control testing, and remediation tracking
  • Support and maintain ISO 27001 ISMS, including risk assessments, SoA, internal audits, and continuous improvement activities
  • Develop and enforce security policies, standards, and procedures aligned with PCI DSS, SOC 2, and ISO 27001
  • Partner with Security, Platform, and Application teams to ensure controls are technically implemented and continuously operating
  • Collaborate with Security Architecture to review and validate security exceptions and ensure compliance alignment
  • Track, review, and periodically reassess approved exceptions to minimize long-term risk exposure
  • Own the Third-Party Risk Management (TPRM) program, including vendor tiering, risk assessments, and security reviews
  • Evaluate vendor compliance posture, including PCI DSS requirements, and define remediation or contractual controls
  • Design and manage scalable GRC workflows for risk assessments, vendor reviews, evidence management, and control testing
  • Perform business impact analysis and support BCDR planning and tabletop exercises
  • Prepare and present risk, compliance, and third-party security reports to senior leadership
  • Translate technical risks into business-impact language to support decision-making

    • Qualifications

  • Bachelor’s degree in Information Systems, Computer Science, Cybersecurity, or a related field.
  • 4.5+ years of experience in GRC, risk management, or compliance, with exposure to technical security controls.
  • Strong hands-on experience with PCI DSS, including audits, CDE scoping, and control validation
  • Working knowledge of SOC 2 Type II Trust Services Criteria and audit processes
  • Experience implementing and maintaining ISO 27001 ISMS, including risk assessments and Annex A controls
  • Hands-on experience with third-party vendor risk assessments, tiering, and remediation tracking
  • Ability to interpret technical security concepts such as cloud architecture, network segmentation, access controls, and vulnerability reports
  • Strong analytical, documentation, and stakeholder communication skills
  • Experience working in cloud-native or SaaS environments
  • Certifications such as IPCIP, QSA, CISA, ISO 27001, TPRA or equivalent.
  • Experience with GRC tools such as Vanta, or ServiceNow GRC
  • Knowledge of data protection and privacy regulations such as GDPR and CCPA
  • Familiarity with NIST, CIS Controls, or similar frameworks
  • Experience in SaaS environments with PCI-in-scope systems
    • Apply on company site

    How to Get Hired at GoHighLevel

    • Sign up for a GoHighLevel free trial before applying — hands-on familiarity with the platform's sub-accounts, workflow automations, and agency dashboard will dramatically differentiate you in both your application and interviews
    • Format your resume as a clean, single-column PDF and mirror exact keywords from the job description to optimize for Lever's parsing and recruiter search functionality
    Read the full guide

    How well do you match this role?

    Check My Resume