GRC Engineer
Description For GRC Engineer
One is an innovative fintech company on a mission to revolutionize financial progress for customers. Backed by prominent investors Ribbit and Walmart, One aims to address the challenges faced by millions of Americans who struggle with accessing credit, building savings, and managing their finances effectively.
As a GRC Engineer at One, you'll play a crucial role in maintaining and enhancing the company's Information Security program. This position combines technical expertise with strategic oversight, focusing on third-party risk management, security assessments, and compliance monitoring. You'll work directly with both technical and business teams to ensure robust security measures across all operations.
The role requires a seasoned professional with 10+ years of experience in information security and risk management. You'll be responsible for conducting vendor due diligence, managing security risks, and ensuring compliance with industry standards like NIST, SOC 2, and PCI DSS. Your expertise in enterprise-scale security architecture and cloud security will be essential in protecting One's innovative financial solutions.
One offers an attractive compensation package including competitive salary, equity options, and comprehensive benefits starting day one. The hybrid work environment based in Bangalore provides flexibility while maintaining collaborative opportunities. This is an excellent opportunity to join a high-growth fintech startup that's making a real difference in people's financial lives while working with cutting-edge security technologies and frameworks.
Responsibilities For GRC Engineer
- Performing due diligence on third-party vendors and partners regarding data protection, business continuity, and platform security
- Reviewing contractual agreements for information security and privacy standards
- Consulting with technology and business teams on security-related issues
- Identifying and tracking security risks and driving remediation
- Assisting in external audits and internal readiness assessments
- Reviewing compliance with privacy requirements and regulations
Requirements For GRC Engineer
- 10+ years of experience in information security, internal and third party risk management, and/or audit management
- Strong knowledge of industry standard frameworks (NIST, SOC 2, PCI DSS, HiTrust)
- Thorough knowledge of enterprise-scale security architecture, cloud security, and business continuity
- Ability to explain security concepts to technical and non-technical stakeholders
- Domain knowledge of IT systems, networking, security, and compliance
- Relevant certifications (AWS Certified Solutions Architect, CISSP) are a plus
Benefits For GRC Engineer
- Competitive cash compensation
- Benefits effective on day one
- Generous stock option packages
- Employer Provident Fund contributions
- Comprehensive health insurance for employee and family
- Mental health support and wellness programs
- Flexible time off programs
- Monthly transport allowance
- Monthly work-from-home stipend
- Hybrid working model
Jobs Related To One GRC Engineer
