Senior Staff Engineer - Security Compliance
The Community you will join:
At Airbnb, we want to build a world where anyone can belong anywhere – and the first step in that direction is creating a community that’s open, inclusive, and built on trust. In a world where our digital presence and identity is as important as our physical presence, we believe that a fundamental part of earning this trust is by ensuring that we protect our users, the data they entrust to us, and our infrastructure. At Airbnb, our Information Security practices, and resulting trust, are part of the reason users choose to use and continue using our products.
The Information Security team plays a critical role in maintaining and building our community’s trust in our platform that enables millions of users to explore the world and belong anywhere. As a critical horizontal function within Airbnb, Information Security spans the scope of the company and organizations that make it up to secure Airbnb giving anyone who joins the team the ability to see all aspects of the business.
The difference you will make:
As a Sr. Staff Security Compliance Engineer, you will lead the strategy and execution of Airbnb’s security compliance engineering efforts effectively bridging security compliance obligations (both internal and external) with practical engineering solutions to achieve both business objectives and compliance outcomes.
You will operate as a technical leader across Security, Engineering, Legal, Privacy, Risk, and Audit teams. This role is ideal for someone who can translate ambiguous compliance obligations into clear, practical technical requirements while partnering with to achieve relevant outcomes. Security Compliance should help secure Airbnb, not burden it unnecessarily.
A typical day:
Own and evolve the security compliance engineering roadmap, aligning security controls with business priorities and risk appetite.
Serve as a technical authority on security compliance domains (e.g., SOC 2, ISO 27001, PCI DSS, SOX, GDPR/Privacy adjacent controls, internal security standards).
Define control objectives, success metrics, and maturity models; drive improvements through measurable outcomes.
Partner to design, implement, and easily testable scaled controls (preventive/detective) across Airbnb’s technical environments and business processes.
Drive building and maintaining evidence automation and continuous compliance mechanisms (e.g., control monitoring, configuration validation, policy-as-code, automated attestations).
Partner with platform teams to embed compliance requirements into existing paved paths limiting bespoke workflows and implementations.
Work closely with security policy, risk, compliance, and broader audit functions to define relevant assessment and audit plans for needed areas ensuring they are testable, repeatable, and low-friction.
Lead complex, cross-org initiatives to remediate control gaps and reduce audit burden through engineering-first solutions.
Provide consultation and hands-on support for product launches, architectural reviews, and high-risk changes requiring compliance alignment.
Your expertise:
12+ years of experience in security engineering, compliance engineering, platform security, or related domains (or equivalent practical experience)
BS, MS or PhD in CS or related field is preferred
Proven experience leading large-scale, cross-functional security or compliance initiatives with measurable outcomes.
Strong understanding of at least two of the following frameworks/areas:
SOC 2 / ISO 27001
PCI DSS
SOX ITGC / access controls
Cloud security controls (AWS/GCP), IAM, logging/monitoring
Secure SDLC controls, vulnerability management, change management
Demonstrated ability to translate compliance requirements into practical engineering deliverables (systems, automation, monitoring, workflows).
Strong written and verbal communication skills; ability to drive alignment across Engineering, Security, and GRC stakeholders.
Your Location:
This position is US - Remote Eligible. The role may include occasional work at an Airbnb office or attendance at offsites, as agreed to with your manager. While the position is Remote Eligible, you must live in a state where Airbnb, Inc. has a registered entity. Click here for the up-to-date list of excluded states. This list is continuously evolving, so please check back with us if the state you live in is on the exclusion list . If your position is employed by another Airbnb entity, your recruiter will inform you what states you are eligible to work from.
Our Commitment To Inclusion & Belonging:
Airbnb is committed to working with the broadest talent pool possible. We believe diverse ideas foster innovation and engagement, and allow us to attract creatively-led people, and to develop the best products, services and solutions. All qualified individuals are encouraged to apply.
We strive to also provide a disability inclusive application and interview process. If you are a candidate with a disability and require reasonable accommodation in order to submit an application, please contact us at: reasonableaccommodations@airbnb.com. Please include your full name, the role you’re applying for and the accommodation necessary to assist you with the recruiting process.
We ask that you only reach out to us if you are a candidate whose disability prevents you from being able to complete our online application.
About the job
Apply for this position
Senior Staff Engineer - Security Compliance
The Community you will join:
At Airbnb, we want to build a world where anyone can belong anywhere – and the first step in that direction is creating a community that’s open, inclusive, and built on trust. In a world where our digital presence and identity is as important as our physical presence, we believe that a fundamental part of earning this trust is by ensuring that we protect our users, the data they entrust to us, and our infrastructure. At Airbnb, our Information Security practices, and resulting trust, are part of the reason users choose to use and continue using our products.
The Information Security team plays a critical role in maintaining and building our community’s trust in our platform that enables millions of users to explore the world and belong anywhere. As a critical horizontal function within Airbnb, Information Security spans the scope of the company and organizations that make it up to secure Airbnb giving anyone who joins the team the ability to see all aspects of the business.
The difference you will make:
As a Sr. Staff Security Compliance Engineer, you will lead the strategy and execution of Airbnb’s security compliance engineering efforts effectively bridging security compliance obligations (both internal and external) with practical engineering solutions to achieve both business objectives and compliance outcomes.
You will operate as a technical leader across Security, Engineering, Legal, Privacy, Risk, and Audit teams. This role is ideal for someone who can translate ambiguous compliance obligations into clear, practical technical requirements while partnering with to achieve relevant outcomes. Security Compliance should help secure Airbnb, not burden it unnecessarily.
A typical day:
Own and evolve the security compliance engineering roadmap, aligning security controls with business priorities and risk appetite.
Serve as a technical authority on security compliance domains (e.g., SOC 2, ISO 27001, PCI DSS, SOX, GDPR/Privacy adjacent controls, internal security standards).
Define control objectives, success metrics, and maturity models; drive improvements through measurable outcomes.
Partner to design, implement, and easily testable scaled controls (preventive/detective) across Airbnb’s technical environments and business processes.
Drive building and maintaining evidence automation and continuous compliance mechanisms (e.g., control monitoring, configuration validation, policy-as-code, automated attestations).
Partner with platform teams to embed compliance requirements into existing paved paths limiting bespoke workflows and implementations.
Work closely with security policy, risk, compliance, and broader audit functions to define relevant assessment and audit plans for needed areas ensuring they are testable, repeatable, and low-friction.
Lead complex, cross-org initiatives to remediate control gaps and reduce audit burden through engineering-first solutions.
Provide consultation and hands-on support for product launches, architectural reviews, and high-risk changes requiring compliance alignment.
Your expertise:
12+ years of experience in security engineering, compliance engineering, platform security, or related domains (or equivalent practical experience)
BS, MS or PhD in CS or related field is preferred
Proven experience leading large-scale, cross-functional security or compliance initiatives with measurable outcomes.
Strong understanding of at least two of the following frameworks/areas:
SOC 2 / ISO 27001
PCI DSS
SOX ITGC / access controls
Cloud security controls (AWS/GCP), IAM, logging/monitoring
Secure SDLC controls, vulnerability management, change management
Demonstrated ability to translate compliance requirements into practical engineering deliverables (systems, automation, monitoring, workflows).
Strong written and verbal communication skills; ability to drive alignment across Engineering, Security, and GRC stakeholders.
Your Location:
This position is US - Remote Eligible. The role may include occasional work at an Airbnb office or attendance at offsites, as agreed to with your manager. While the position is Remote Eligible, you must live in a state where Airbnb, Inc. has a registered entity. Click here for the up-to-date list of excluded states. This list is continuously evolving, so please check back with us if the state you live in is on the exclusion list . If your position is employed by another Airbnb entity, your recruiter will inform you what states you are eligible to work from.
Our Commitment To Inclusion & Belonging:
Airbnb is committed to working with the broadest talent pool possible. We believe diverse ideas foster innovation and engagement, and allow us to attract creatively-led people, and to develop the best products, services and solutions. All qualified individuals are encouraged to apply.
We strive to also provide a disability inclusive application and interview process. If you are a candidate with a disability and require reasonable accommodation in order to submit an application, please contact us at: reasonableaccommodations@airbnb.com. Please include your full name, the role you’re applying for and the accommodation necessary to assist you with the recruiting process.
We ask that you only reach out to us if you are a candidate whose disability prevents you from being able to complete our online application.