Job Description
About the Role
We are looking for a [Job Title] to help document and maintain our system and security architecture in line with ISO 27001 and SOC 2 requirements. You’ll work closely with developers, DevOps, and compliance teams to build clear, audit-ready architecture, data-flow, and security control documentation.

Key Responsibilities
- Create and maintain:
  - System Context & Container Diagrams (C4 Model)
  - Network / Infrastructure diagrams (VPC, subnets, IAM, security groups)
  - Data Flow Diagrams (DFD) showing movement of customer data & PII
  - Entity Relationship Diagrams (ERD) for key databases
  - CI/CD and access control flows for compliance traceability
- Align documentation with ISO 27001 Annex A controls and SOC 2 Trust Principles.
- Maintain architecture documents in Git / Confluence / Notion (version control).
- Work with engineers to track design changes and update documentation weekly.
- Assist the compliance team during internal & external audits by providing diagrams and technical evidence.
- Ensure all documents have metadata (owner, version, date, classification).

Required Skills
- Knowledge of basic cloud architecture (AWS / GCP / Azure).
- Ability to use diagramming tools (Lucidchart, Draw.io, Mermaid, PlantUML, etc.).
- Understanding of network security, data flows, and access control.
- Familiarity with ISO 27001 / SOC 2 / OWASP security design concepts (can be self-taught).
- Good written English and clear documentation style.

Preferred (nice-to-have)
- Hands-on experience with any backend (Nest.js / Node.js / etc.) — for understanding flows.
- Basic understanding of Postgres (RLS), Redis, Kafka, or S3 storage.
- Experience assisting in an ISO 27001 or SOC 2 audit cycle.