Description:

Jobgether is a Talent Matching Platform that connects top talent with opportunities through AI-driven job matching.
A company is seeking a highly skilled Senior Security Engineer in the United States.
The role involves leading the implementation of Governance, Risk, and Compliance (GRC) strategies.
Responsibilities include automating evidence collection, enforcing security standards, and enhancing internal processes for continuous compliance.
The Senior Security Engineer will work closely with engineering, infrastructure, and audit teams to drive technical security initiatives across cloud-based environments.
The position contributes to securing new product releases and supporting compliance frameworks such as SOC 2 and ISO 27001.
Key accountabilities include leading GRC process design, owning the vulnerability management program, conducting compliance reviews, building security metrics, managing information security policies, partnering with stakeholders and auditors, operating access reviews, and managing vendor compliance.

Requirements:

Candidates must have 6–8 years of experience in security engineering, GRC, or IT compliance within SaaS or cloud environments.
Proficiency with scripting, APIs, and cloud platforms like AWS or Azure is required.
A deep understanding of security frameworks and standards such as SOC 2, ISO 27001, 27018, and 27701 is essential.
Hands-on experience with SIEM, vulnerability management, endpoint protection, and DLP tools is necessary.
Strong project management skills and the ability to lead audits and technical assessments are required.
Excellent written and verbal communication skills for documenting policies and guiding stakeholders are essential.
Familiarity with tools like Jira for compliance tracking and vendor due diligence processes is preferred.
Industry certifications such as CISSP, CISA, or CRISC are a plus.