GRC and Security Engineer

We’re looking for a Security Engineer with a tech-first mindset that can help grow and enhance Cybersecurity and Privacy Organization. We work to make technology the easiest part of our internal customers’ jobs.

As an Engineer supporting our Governance, Risk, and Compliance (GRC) platform, you will play a crucial role in enhancing and maintaining our GRC infrastructure. Your technical expertise will ensure the efficiency, automation, and seamless operation of our GRC systems. 

Responsibilities:

• Design, deploy, manage, and improve critical security infrastructure services/tools, including those for authentication and authorization, PKI, secrets management, logging, detection, vulnerability management, and more.
• Develop and enhance our GRC platform, ensuring it meets evolving security needs.
• Maintain robust system connectivity by ensuring comprehensive logging, monitoring/auditing, and management of security events for clear visibility.
• Oversee workflow management to streamline and enhance security processes, ensuring efficient and effective handling of security operations and incident response.
• Collaborate with both internal and external partners on all platform designs.
• Continuously validate technology and processes to ensure alignment with our cyber strategy, risk management, and governance frameworks.
• Operate within an Agile or Kanban sprint framework.
• Prepare and maintain security documentation, including diagrams, standard build documents, and best practice procedures.

Requirements:

• A bachelor’s degree in computer science, Engineering, or a related field, or equivalent education and experience.
• At least 5-7 years of experience in a security or technical engineering role.
• A minimum of 5-7 years of experience supporting engineering platforms.
• A minimum of 5-7 years working in agile development methodologies.
• Proven ability to manage and track multiple projects and deliverables simultaneously.
• Strong knowledge of systems and networking software, hardware, and networking protocols.
• A minimum of 5-7 years’ experience coding languages such as Python, or Java.
• Experience with Onspring, Archer or other similar GRC platforms.
• Optional: At least 5-7 years of experience with scripting and automation tools; certifications in Linux, Microsoft, or other network-related fields are preferred. 

Preferred Qualifications:

• High-level understanding of a broad range of security topics, such as networking, cloud security, secure software, cryptography; CISSP or equivalent is a plus.
• Experience with industry/regulatory security compliance frameworks such as SOX, PCI DSS, NIST SP800-53 is a plus.
• System administration and IT certifications in Linux, Microsoft, or other network-related fields are a plus.