Grammarly is hiring a
Corporate Security Engineer

Summary

Join Grammarly's team as a Corporate Security Engineer and contribute to designing and developing engineering solutions that support enterprise-wide security initiatives, such as Zero Trust. Collaborate with the Governance Risk and Compliance (GRC) team to help develop enterprise security standards, guidelines, and policies. Design, build, maintain, tune, and enhance the effectiveness of our Enterprise Security controls in a wide range of security domains.

Requirements

• Is excited to build security controls to safeguard our systems and services
• Has working experience in Security Assurance: Penetration Testing, Code Review, Threat Modeling
• Is familiar with programming languages such as Python, Java, or Go for automation purposes
• Has a strong understanding of cybersecurity threats, vulnerabilities, and mitigations
• Is knowledgeable about the best practices and technologies of cloud security
• Has excellent problem-solving skills, with the ability to work independently and handle multiple tasks
• Has strong communication skills and can explain complex security issues in understandable terms
• Nurtures the talent in the team and raises the technical talent bar when recruiting for their team
• Embodies our EAGER values—is ethical, adaptable, gritty, empathetic, and remarkable
• Is inspired by our MOVE principles: move fast and learn faster; obsess about creating customer value; value impact over activity; and embrace healthy disagreement rooted in trust

Responsibilities

• Contribute to designing and developing engineering solutions that support enterprise-wide security initiatives, such as Zero Trust
• Collaborate with our Governance Risk and Compliance (GRC) team to help develop enterprise security standards, guidelines, and policies
• Design, build, maintain, tune, and enhance the effectiveness of our Enterprise Security controls in a wide range of security domains, including Endpoint Detection and Response (EDR), Email Security, Ransomware Resilience, Data Loss Prevention (DLP)/Insider Risk, Conditional Access, Vendor/Business Process Outsourcing (BPO) Security, Device Posture and Attestation, Shadow IT, Threat and Vulnerability Management (TVM), Identity and Access Management (IAM), Public Key Infrastructure (PKI)
• Perform risk assessments and security assurance (threat modeling, code review as necessary) on a range of systems that support Grammarly’s business operations: Operating Systems and commercial/open-source desktop applications, Internally developed Enterprise Infrastructure Services, Third-Party Software as a Service (SaaS) solutions, Network Infrastructure (ZTNA, CASB, VPN)
• Drive the remediation of security vulnerabilities identified through assessments
• Build security automation to secure our corporate infrastructure
• Evaluate cutting-edge Enterprise Security technology designed to increase our security posture

Benefits

• Competitive pay
• Comprehensive benefits package encompassing life care (including mental health care and risk benefits) and ample and defined time off
• Support to set up a home office
• Wellness and pet care stipends
• Learning and development opportunities