
Senior Security Engineer (Remote – US)
Job role insights
Date posted: May 28, 2025
Closing date: June 22, 2025
Hiring location: USA
Experience: 6-8 Years
Description
About Jobgether:
Jobgether is a Talent Matching Platform that partners with companies worldwide to efficiently connect top talent with the right opportunities through AI-driven job matching. One of our companies is currently looking for a Senior Security Engineer in the United States.
We are seeking a highly skilled Senior Security Engineer to lead the implementation of Governance, Risk, and Compliance (GRC) strategies. This role focuses on automating evidence collection, enforcing security standards, and enhancing internal processes to ensure continuous compliance. Working closely with engineering, infrastructure, and audit teams, you will drive technical security initiatives across cloud-based environments.
Your work will contribute to securing new product releases and supporting robust compliance frameworks such as SOC 2 and ISO 27001. This is a great opportunity for a security expert who thrives on building scalable systems, optimizing controls, and guiding cross-functional risk mitigation efforts.
Accountabilities:
- Lead the design and automation of GRC processes, including evidence gathering and control validation.
- Own the vulnerability management program and ensure effective remediation guidance.
- Conduct compliance reviews for new product features and internal systems.
- Build and maintain security metrics and reporting processes to track KPIs.
- Create and manage information security policies, standards, and recertification workflows.
- Partner with internal stakeholders and external auditors to ensure alignment with certification standards.
- Operate periodic access reviews and drive continuous improvements in security awareness programs.
- Evaluate and manage vendor compliance and associated risks.
Requirements
- 6–8 years of experience in security engineering, GRC, or IT compliance within SaaS or cloud environments.
- Proficiency with scripting, APIs, and cloud platforms like AWS or Azure.
- Deep understanding of security frameworks and standards such as SOC 2, ISO 27001, 27018, and 27701.
- Hands-on experience with SIEM, vulnerability management, endpoint protection, and DLP tools.
- Strong project management skills and the ability to lead audits and technical assessments.
- Excellent written and verbal communication skills for documenting policies and guiding stakeholders.
- Familiarity with tools like Jira for compliance tracking and vendor due diligence processes.
- Industry certifications such as CISSP, CISA, or CRISC are a plus.
Benefits
- Flexible remote work environment and schedule
- 16 weeks paid parental leave
- Quarterly “Whaleness” mental health days
- Home office and monthly technology stipend
- PTO policy that encourages work-life balance
- Company-wide quarterly hackathons
- Equity in a high-growth tech company
- Annual training and professional development stipend
- Docker swag and community engagement
- Medical, retirement, and holiday benefits (varies by country)
Jobgether hiring process disclaimer
This job is posted on behalf of one of our partner companies. If you choose to apply, your application will go through our AI-powered 3-step screening process, where we automatically select the 5 best candidates. Our AI thoroughly analyzes every line of your CV and LinkedIn profile to assess your fit for the role, evaluating each experience in detail. When needed, our team may also conduct a manual review to ensure only the most relevant candidates are considered.
Our process is fair, unbiased, and based solely on qualifications and relevance to the job. Only the best-matching candidates will be selected for the next round.
If you are among the top 5 candidates, you will be notified within 7 days. If you do not receive feedback after 7 days, it means you were not selected. However, if you wish, we may consider your profile for other similar opportunities that better match your experience. Thank you for your interest!