GRC Engineer (Cloud & Application Security)
Description For GRC Engineer (Cloud & Application Security)
One is an innovative fintech company on a mission to revolutionize financial progress for customers. Backed by prominent investors Ribbit and Walmart, we're creating an integrated platform where customers can save, spend, borrow, and grow their money all in one place.
As a GRC Engineer (Cloud & Application Security), you'll play a crucial role in shaping One's Information Security program. This position offers a unique blend of technical and strategic responsibilities, focusing on cloud infrastructure and application security designs while ensuring compliance with frameworks like SOC 2 and PCI DSS.
The role demands expertise in AWS services, containerized environments, and modern application frameworks. You'll be responsible for evaluating security configurations, developing remediation plans, and maintaining company-wide security standards. The position offers competitive compensation ($175,000-$190,000) and comprehensive benefits including equity, 401(k) with match, and flexible time off.
The ideal candidate brings 3-7 years of relevant experience, strong knowledge of security frameworks, and excellent communication skills. This is a remote position, offering the flexibility to work from anywhere in the US while contributing to a mission-driven company that's transforming financial services for millions of Americans.
Join us in building a more inclusive financial future while working with cutting-edge technology and a talented team committed to making a difference. Your work will directly impact the security and reliability of financial services that help customers achieve their financial goals.
Responsibilities For GRC Engineer (Cloud & Application Security)
- Proactively evaluate security configurations of One's applications and AWS services
- Determine detailed remediation plans for security gaps
- Define, publish, and maintain company-wide security standards
- Perform security assessments of third party hosted applications
- Collaborate on security reviews for new product features
- Support information security audit initiatives
- Share guidance and training on information security
- Engage with teams as a security consultant
Requirements For GRC Engineer (Cloud & Application Security)
- 3-7 years of experience in security governance, cloud and application security assessments
- Strong knowledge of industry standard frameworks (NIST, FFIEC, SOC 2, PCI DSS, HiTrust)
- Knowledge of enterprise-scale security architecture
- Domain knowledge of IT systems, networking, security, and compliance
- Familiarity with containerization technologies
- Excellent written and verbal communication skills
- Strong analytical and problem-solving skills
Benefits For GRC Engineer (Cloud & Application Security)
- Competitive cash compensation
- Benefits effective day one
- Generous stock option packages
- Flexible time off programs
- Vacation and sick leave
- Paid parental leave
- Paid caregiver leave
- 401(k) plan with match
Jobs Related To One GRC Engineer (Cloud & Application Security)
