GRC Security Engineer- III

We’re looking for a Security Engineer with a tech-first mindset that can help grow and enhance our Cybersecurity and Privacy Organization. We work to make technology the easiest part of our internal customers’ jobs. This position will enable process clarity and efficiency and create new insights empowering us for decades to come.

As an Engineer supporting our Governance, Risk, and Compliance (GRC) platform, you will play a crucial role in enhancing and maintaining our GRC infrastructure. Your technical expertise will ensure the efficiency, automation, and seamless operation of our GRC systems.  You will help empower our internal teams to achieve their best work through robust, stable, and innovative solutions.

Responsibilities:

• Design, deploy, manage, and improve critical security infrastructure services/tools, including those for authentication and authorization, PKI, secrets management, logging, detection, vulnerability management, and more.

• Develop and enhance our GRC platform, ensuring it meets evolving security needs.

• Maintain robust system connectivity by ensuring comprehensive logging, monitoring/auditing, and management of security events for clear visibility.

• Collaborate with both internal and external partners on all platform designs.

• Continuously validate technology and processes to ensure alignment with our cyber strategy, risk management, and governance frameworks.

• Operate within an Agile or Kanban sprint framework.

• Prepare and maintain security documentation, including diagrams, standard build documents, and best practice procedures.

                                              
Requirements:

• A bachelor’s degree in computer science, Engineering, or a related field, or equivalent education and experience.

• At least 5-7 years of experience in a security or technical engineering role.

• A minimum of 5-7 years of experience supporting engineering platforms.

• A minimum of 5-7 years working in agile development methodologies.

• Proven ability to manage and track multiple projects and deliverables simultaneously.

• Strong knowledge of systems and networking software, hardware, and networking protocols.

• Experience with Onspring, Archer or other similar GRC platforms.

• A minimum of 5-7 years’ experience coding languages such as Python, or Java.

• High-level understanding of a broad range of security topics, such as networking, cloud security, secure software, cryptography; CISSP or equivalent is a plus.

• Experience with industry/regulatory security compliance frameworks such as SOX, PCI DSS, NIST SP800-53 is a plus.

• System administration and IT certifications in Linux, Microsoft, or other network-related fields are a plus.

• Experience with AI prompt engineering and a solid understanding of underlying AI models and mechanics.

• 5-7 years of experience with scripting and automation tools; certifications in Linux, Microsoft, or other network-related fields are a plus.

We have an amazing team of 700+ individuals working on highly innovative enterprise projects & products. Our customer base includes Fortune 100 retail and CPG companies, leading store chains, fast-growth fintech, and multiple Silicon Valley startups.

What makes Confiz stand out is our focus on processes and culture. Confiz is ISO 9001:2015 (QMS), ISO 27001:2022 (ISMS), ISO 20000-1:2018 (ITSM) and ISO 14001:2015 (EMS) Certified. We have a vibrant culture of learning via collaboration and making workplace fun.

People who work with us work with cutting-edge technologies while contributing success to the company as well as to themselves. 

To know more about Confiz Limited, visit: https://www.linkedin.com/company/confiz-pakistan/