About CleanStart:

CleanStart is revolutionizing software supply chain security through our
advanced vulnerability database platform and CleanStart product line. We provide
hardened, vulnerability-free container images with built-in security, compliance,
and performance benefits. Our mission is to transform container security by
eliminating pre-existing vulnerabilities and providing full visibility and control over
the software supply chain.

Role Overview:

As an Associate Compliance Engineer, you will support our compliance programs,
with a focus on FIPS certification for our container images. You will assist in
implementing and testing compliant systems, document compliance evidence, and
help maintain certification requirements. Your role is important in ensuring our
products meet the security standards required by government and regulated
customers.

Key Responsibilities:

• Assist in implementing FIPS-compliant components in container images
• Execute test plans for validating compliance with security standards
• Document compliance evidence and maintain certification artifacts
• Support the integration of compliant libraries and modules
• Help monitor changes to compliance requirements and standards
• Collaborate with engineering teams on compliance-related issues
• Assist with security reviews and compliance assessments
• Create and maintain compliance documentation
• Support the development of compliance testing automation

Required Qualifications:

• 1-3 years of experience in compliance, security, or related fields
• Basic understanding of cryptography and security principles
• Familiarity with compliance frameworks (FIPS, NIST, etc.)
• Good documentation and technical writing skills
• Attention to detail and analytical mindset
• Basic knowledge of container technologies
• Understanding of software development processes
• Good communication and teamwork abilities

Preferred Qualifications:

• Experience with FIPS 140-2/140-3 documentation or testing
• Familiarity with Linux security mechanisms
• Basic knowledge of cryptographic libraries and tools
• Experience with compliance documentation or audits
• Understanding of container security concepts
• Background in quality assurance or testing
• Interest in security engineering and cryptography
• Experience with regulatory compliance in software