Infrastructure Compliance Lead

Meta · Big Tech · Menlo Park, CA

This role focuses on driving security compliance and risk governance for Meta's data center infrastructure, including subsea cable systems and terrestrial backbone. The Lead will own compliance programs, manage external certifications (SOC2, ISO 27001, PCI-DSS), handle government and regulatory responses, and build independent oversight functions. While the role mentions integrating AI tools and responsible AI practices, its core function is infrastructure compliance, not AI/ML development.

What you'd actually do

  1. Own network and telecom compliance for subsea cable systems, terrestrial backbone, and network operator obligations — ensuring Meta's network infrastructure meets international telecom regulations and licensing requirements across all operating jurisdictions
  2. Drive external certification programs including SOC2, ISO 27001, PCI-DSS, and subsea licensing. Coordinate evidence collection, manage auditor engagements, and minimize operational disruption to engineering teams
  3. Manage government and regulatory response end-to-end — including inquiries, regulatory exams, and site inspections at Cable Landing Stations, Network Operations Centers, and data center facilities.
  4. Serve as subject matter expert for US and international regulatory bodies
  5. Own independent 2LoD oversight across data centers — building risk identification frameworks, control monitoring systems, and compliance-by-design processes while providing credible challenge to first-line control owners through testing, gap assessments, and posture reporting to leadership

Skills

Required

  • Experience managing audits, certifications (ISO 27001, SOC2, PCI-DSS), or government regulatory engagements
  • Experience coordinating compliance initiatives across global, distributed engineering teams, including aligning stakeholders, tracking deliverables, and driving programs to completion
  • Knowledge of network infrastructure: subsea cable systems, terrestrial fiber, Edge architecture, and general networking
  • 7+ years of experience in compliance, risk management, or audit with demonstrated program ownership in infrastructure or telecom environments
  • Direct experience with telecom or subsea regulatory frameworks (e.g., FCC, submarine cable licensing, international telecom regulations)
  • Experience building second line of defense or independent oversight functions
  • Demonstrated ability to integrate AI tools to optimize/redesign workflows and drive measurable impact (e.g., efficiency gains, quality improvements)
  • Experience adhering to and implementing responsible, ethical AI practices (e.g., risk assessment, bias mitigation, quality and accuracy reviews)
  • Demonstrated ongoing AI skill development (e.g., prompt/context engineering, agent orchestration) and staying current with emerging AI technologies

Nice to have

  • Bachelor's degree in Computer Science, Computer Engineering, relevant technical field, or equivalent practical experience
  • Familiarity with hyperscaler data center operations and infrastructure at scale

What the JD emphasized

  • security compliance
  • risk governance
  • regulatory readiness
  • international telecom regulations
  • SOC2
  • ISO 27001
  • PCI-DSS
  • government and regulatory response
  • independent 2LoD oversight
  • responsible, ethical AI practices
  • AI skill development