SECURITY ENGINEER

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Information Technology, Risk Management, Computer Science, or related field; Master’s degree preferred.
• 5+ years of experience in cybersecurity, GRC, risk management, or related fields with demonstrated exposure to compliance automation and security engineering.
• Hands-on experience with GRC frameworks including SOC 2, ISO 27001, NIST SP 800-53, FedRAMP/GovRAMP, and CJIS.
• Technical proficiency with cloud security in AWS and Microsoft Azure/M365 environments, preferably GovCloud and GCC High
• Experience with GRC platforms, compliance automation tools, and security monitoring solutions (e.g., Wiz, Vanta, Drata, or similar).

Responsibilities

• Design, implement, and continuously improve the GRC program across multiple compliance frameworks (GovRAMP, SOC 2, CJIS, ISO 27001, NIST SP 800-53).
• Conduct enterprise-wide and targeted risk assessments to identify emerging risks, control gaps, and quantify risk exposure using advanced data analytics
• Develop dashboards, automated alerts, and reporting for security program KPIs and high-risk indicators
• Draft security best practices documentation and drive company-wide security awareness and training programs.
• Manage and maintain the organization’s GRC platform for documenting risks, controls, assessments, and remediation tracking.

Benefits

• Flexible hybrid schedule
• Free chef-inspired lunch Mon–Thu
• 15 PTO days + floating holiday
• Competitive benefits: medical, dental, vision, 401(k). We provide 401(k) matching per the terms of the 401(k) plan.
• Annual bonus and tuition reimbursement
• Career growth in a fast-growing, mission-driven company
• Collaborative, purpose-driven culture