Governance, Risk, and Compliance Engineer, Cloud and Application Security

closed
One Logo

One

πŸ’΅ $175k-$190k
πŸ“Remote - United States

Summary

Join One's mission to help customers achieve financial progress as a GRC Engineer (Cloud & Application Security). Define and implement One's Information Security program, design and execute risk management processes, and ensure compliance with security frameworks.

Requirements

  • 5+ years of experience in security governance, cloud and application security assessments, risk management, and/or third party risk
  • Strong knowledge of various industry standard frameworks such as NIST, FFIEC, SOC 2, PCI DSS, HiTrust, etc
  • Thorough knowledge of enterprise-scale security architecture, cloud security, and application security best practices
  • Domain knowledge of multiple disciplines including IT systems, networking, security, and compliance
  • Familiarity with containerization technologies (e.g., Docker, Kubernetes) and CI/CD pipelines
  • Excellent written and verbal communication skills, with the ability to convey technical concepts to both technical and non-technical audiences
  • Strong analytical and problem-solving skills with the ability to work independently and as part of a team

Responsibilities

  • Proactively evaluate the security configurations of One’s applications and AWS services
  • Determine detailed remediation plans and steps for security gaps, and work independently or in conjunction with stakeholders to resolve such gaps
  • Define, publish, and maintain company-wide security standards and requirements based on industry best practices
  • Perform in-depth security assessments of third party hosted applications and systems
  • Collaborate with team members on performing security reviews on new product features, system architectures, and business processes
  • Support ongoing information security audit initiatives and compliance projects with the team
  • Share guidance and training to internal One teams on overall information security
  • Engage with both technology and business teams as a consultant for any security-related issues that affect One’s product features and offering

Benefits

  • Competitive cash
  • Benefits effective on day one
  • Early access to a high potential, high growth fintech
  • Generous stock option packages in an early-stage startup
  • Remote friendly (anywhere in the US) and office friendly - you pick the schedule
  • Flexible time off programs - vacation, sick, paid parental leave, and paid caregiver leave
  • 401(k) plan with match
This job is filled or no longer available