Security & Compliance Engineer
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
Security & Compliance Engineer improving operational security for SaaS products at Grant Street Group. Focused on vulnerability management and compliance in AWS and Linux environments.
Responsibilities:
- Support the day-to-day security posture of systems and services across cloud and on-prem environments.
- Review vulnerability findings from scanners, penetration tests, and other assessments, and help drive remediation to closure.
- Partner with infrastructure, platform, and engineering teams on secure configuration, access control, logging, monitoring, and incident readiness.
- Support compliance and assessment activities related to GovRAMP/FedRAMP, PCI DSS, internal reviews, and third-party examinations.
- Use AWS security tooling effectively, support day-to-day security processes, and help translate security and compliance requirements into practical, durable operational outcomes.
- Maintain documentation, procedures, and other operational artifacts so they stay aligned with the environment and current control expectations.
Requirements:
- 3+ years of experience in security engineering, security operations, infrastructure security, or security compliance.
- Hands-on experience working in Linux-based production environments and securing Linux systems.
- Experience securing AWS environments and using services such as IAM, CloudTrail, GuardDuty, Security Hub, Config, Inspector, and KMS.
- Working knowledge of vulnerability management, configuration management, logging, monitoring, access control, and incident response practices.
- Scripting experience in Python, Bash, PowerShell, or similar for automation, security operations, and reporting tasks.
- Strong written and verbal communication skills, with the ability to move issues from discovery through remediation across multiple teams.
- Experience supporting regulated or highly audited environments is a plus.
- Familiarity with GovRAMP, FedRAMP, PCI DSS, SOC examinations, or similar frameworks is a plus.
- Experience reviewing scanner output, penetration test findings, or security monitoring alerts and helping drive remediation is a plus.
- Familiarity with POA&M tracking, exception handling, and remediation coordination is a plus.
- Experience working across both cloud and legacy infrastructure is a plus.
Benefits:
- minimal travel: typically 2-3 weeks per year for on-site meetings
- technology-rich work environment
Similar Jobs
Business Information Security Officer
Business Information Security Officer at Blip Global facilitating communication between security and product teams. Engaging deeply in product cycles and technical discussions for effective security integration.
Information Security Compliance Associate
Information Security Compliance Associate maintaining compliance and security documentation for Case IQ. Supporting internal and external audits while collaborating with IT and Security teams.
Learning Facilitator – Security and Property Protection – m/f/d
Trainer:in at WBS TRAINING focusing on competency development in security education. Conducting lessons and supporting learners in their professional growth.
Principal Cloud Security Architect – Azure
Cloud Security Architect at Tamnoon engaging with customers and remediating cloud vulnerabilities. Collaborating with teams to enhance security practices and share technical knowledge.
Associate Architect, SAP Security, Threat Mitigation
Associate Architect supporting Rimini Protect! Security Services to research threats and vulnerabilities. Collaborating closely with team and Client Success Managers to enhance ERP solution security.
CyberSecurity Engineer
CyberSecurity Engineer collaborating with teams to secure products and applications for a global technology company. Delivering security solutions across technologies with a focus on various security practices.
Senior UX Designer – Zero Trust Security
Senior UX Designer at Akamai responsible for user-centered design processes and innovative solutions for data-driven B2B SaaS products. Lead ideation, research, design, and validation for complex product areas.
Cyber Advisor, Managed Security
Cyber Advisor responsible for advising SMBs on cybersecurity risks and improving security postures at At-Bay. Liaising with clients and underwriting teams to enhance cybersecurity services.
Workday HCM Security Administrator
Workday HCM Security Administrator optimizing and securing HR systems for HHS. Driving continuous improvements and enhancing employee experience with Workday HCM capabilities.
Cybersecurity Graduate Adjunct
Adjunct faculty teaching graduate level courses in cybersecurity at Houston Christian University. Engaging students in an interactive online environment within a Christian educational context.
Senior AI Security Engineer
Senior AI Security Engineer at bunny.net focused on building AI security solutions. Collaborating with Product and AI leadership to develop detection systems and security architecture for AI products.
Cyber Security Intern – GRC
Cyber Security Intern assisting in vulnerability management and security compliance for federal projects. Gaining practical cybersecurity experience in a full-time internship role.
Cyber Security Intern
Cyber Security Intern supporting the Department of Energy cybersecurity team at Hanford Site. Collaborating on vulnerability management, security operations, and awareness activities in a critical federal environment.
Senior Azure Cybersecurity Content Engineer
Senior Azure Cybersecurity Content Engineer developing advanced cyber security training material for TryHackMe. Leading content initiatives and mentoring other engineers in the online training platform.
Data Security Architect
Data Security Architect building the architecture and standards for data protection at IQVIA. Establishing a formal Data Security Architecture practice in a global life sciences company.
Information Security Engineer, Network Security Engineering
Information Security Engineer responsible for securing JLL’s global network infrastructure. Collaborate with global teams ensuring security controls are intelligence-driven and aligned to industry best practices.
Business Development Manager – Networking, Security
Business Development Manager focused on Baltic markets, developing new opportunities and partner relationships. Driving growth in network security and cybersecurity solutions within Arrow’s Enterprise Computing Solutions.
Cybersecurity Advisory, Tooling Services Specialist
Cybersecurity Advisory & Tooling Services Specialist for Hitachi Energy's cybersecurity team. Focus on optimizing enterprise security tools and providing advisory support.
Senior IT-Security Experte, m/w/d
Senior IT-Security Expert developing IT-Security concepts for public sector clients in various environments. Collaborating with colleagues to implement secure IT landscapes.
Cloud Security Analyst
Cloud Security Information Analyst supporting modernization initiatives for federal courts. Collaborating on cybersecurity architecture and programming while ensuring compliance and security measures.