GRC Engineer (Cloud & Application Security)
Description For GRC Engineer (Cloud & Application Security)
One is an innovative fintech company on a mission to revolutionize financial progress for customers. Backed by prominent investors Ribbit and Walmart, we're creating an integrated platform where customers can manage all their financial needs in one place - from saving and spending to borrowing and growing their money.
As a GRC Engineer (Cloud & Application Security), you'll play a crucial role in shaping and implementing One's Information Security program. This position offers a unique blend of technical and strategic responsibilities, focusing on cloud infrastructure and application security designs while ensuring compliance with frameworks like SOC 2 and PCI DSS.
The role demands a strong technical background in cloud security, particularly with AWS services, containerized environments, and modern application frameworks. You'll be responsible for evaluating security configurations, developing remediation plans, maintaining security standards, and performing security assessments of third-party applications.
We're looking for someone with 3-7 years of experience in security governance and cloud security, combined with strong knowledge of industry frameworks like NIST, FFIEC, and HiTrust. The ideal candidate will possess excellent communication skills to effectively convey technical concepts to various audiences and strong analytical abilities to solve complex security challenges.
One offers a competitive compensation package ranging from $175,000 to $190,000, along with comprehensive benefits including equity options, flexible time off, and a 401(k) match. We embrace remote work, allowing you to work from anywhere in the US while contributing to a mission-driven company that's transforming financial services for millions of Americans.
Join us in building a more inclusive financial future while working with cutting-edge technologies and growing your career in a supportive, dynamic environment. Your expertise will be crucial in protecting our platform and ensuring our customers' financial journey is secure and reliable.
Responsibilities For GRC Engineer (Cloud & Application Security)
- Evaluate security configurations of One's applications and AWS services
- Determine detailed remediation plans for security gaps
- Define and maintain company-wide security standards
- Perform security assessments of third party hosted applications
- Collaborate on security reviews for new product features
- Support information security audit initiatives
- Provide guidance and training on information security
- Engage with teams as a security consultant
Requirements For GRC Engineer (Cloud & Application Security)
- 3-7 years of experience in security governance, cloud and application security
- Strong knowledge of industry standard frameworks (NIST, FFIEC, SOC 2, PCI DSS, HiTrust)
- Knowledge of enterprise-scale security architecture
- Domain knowledge of IT systems, networking, security, and compliance
- Familiarity with containerization technologies
- Excellent written and verbal communication skills
- Strong analytical and problem-solving skills
- Relevant certifications (AWS Security, CISSP, CCSP) are a plus
Benefits For GRC Engineer (Cloud & Application Security)
- Competitive cash compensation
- Benefits effective on day one
- Generous stock option packages
- Flexible time off programs
- Vacation and sick leave
- Paid parental leave
- Paid caregiver leave
- 401(k) plan with match
Jobs Related To One GRC Engineer (Cloud & Application Security)
