Senior GRC Engineer

About The Position

Requirements

• 5+ years of experience in GRC, cloud security, security engineering, or architecture review within complex technology environments
• Current valid Reliability Status required for handling Protected A and Protected B information under Canadian standards
• Strong expertise in cloud platforms, particularly AWS, and their native security services and controls
• Demonstrated experience reviewing architecture diagrams, data flows, and engineering design patterns in SaaS environments
• Deep familiarity with security frameworks including ISO 27001, SOC 2, PCI DSS, and NIST CSF
• Proven ability to conduct technical risk assessments and translate findings into actionable remediation strategies
• Solid understanding of CI/CD pipelines, identity and access management, network security, and monitoring systems
• Strong communication skills with the ability to convey complex technical risks to both technical and business stakeholders

Nice To Haves

• Enhanced Reliability Status or eligibility to obtain it
• Experience with scripting or programming using Python or PowerShell
• Exposure to AI and machine learning architectures and governance considerations
• Experience with API integrations and orchestration in distributed systems
• Relevant certifications such as CISSP, CISM, CRISC, CCSP, or AWS Security Specialty
• Familiarity with threat modeling methodologies and secure design practices
• Experience with security-as-code or policy-as-code approaches
• Background in high-scale SaaS or regulated environments
• Demonstrated ability to mentor or support junior team members

Responsibilities

• Lead comprehensive security assessments across applications, cloud services, and third-party integrations to identify and mitigate risk at scale
• Evaluate and validate security controls against frameworks such as ISO 27001, SOC 2, PCI DSS, and NIST CSF to ensure continuous compliance and operational effectiveness
• Review cloud and application architectures to identify design risks, misconfigurations, and control gaps, driving secure-by-design principles
• Influence engineering decisions by providing actionable security guidance aligned with zero trust, least privilege, and secure SDLC practices
• Partner with internal and external auditors to demonstrate control effectiveness through technical walkthroughs, evidence presentation, and audit support
• Translate regulatory and compliance requirements into technical specifications that can be consistently implemented across distributed systems
• Drive remediation efforts by collaborating with cross-functional stakeholders to resolve identified risks and strengthen security posture
• Enable security at scale by improving GRC processes, tooling, and automation across the Genesys Cloud platform

Benefits

• We invest in your well-being, because when you’re at your best, so are the experiences you create.
• Comprehensive extended group health coverage
• Generous paid time off, including vacation and personal leave
• Retirement savings program with employer RRSP matching up to a prescribed maximum amount
• Family-friendly benefits, including parental leave top-up and adoption assistance
• Growth and development opportunities through access to learning resources and internal mobility programs
• Exact details of these programs, including the conditions for eligibility, the amount of the benefit (including caps on benefits and customary pricing details), the length of the paid time off, etc. will be provided upon hire and is subject to Genesys policies.