Senior Security Engineer

Summary

Join 6sense's Security department as a GRC Security Engineer III and contribute to a team that aligns security with business objectives. Execute end-to-end GRC initiatives, lead internal and external audits, and oversee complex control tests. Develop risk treatment plans, design test plans, and provide GRC technology administration, including user training. Mature security governance programs, improve GRC documentation, and design GRC control automation. Maintain up-to-date knowledge of 6sense's systems and actively participate in performance measurement activities, including weekly 1:1s and monthly skip levels. This role requires strong communication and collaboration skills, along with experience in GRC, automation, and security tools.

Requirements

• 5+ years of experience being part of a GRC or similar team
• 1+ years of experience developing automation
• Experience with security tools and cloud environments (e.g., GRC, Vulnerability Scanners, SIEM, SOAR, AWS)
• Experience with industry frameworks, regulations, and standards, such as: ISO 27001, SOC 2, GDPR, PCI, SOX, NIST, etc

Responsibilities

• Execute on milestones for end-to-end GRC initiatives in accordance with the Security roadmap
• Lead internal and external audit engagements
• Oversee and execute complex control tests, third-party and operational security risk assessments, and communicate results across multiple audiences with varying levels of sensitivity
• Develop issue and risk treatment plans with owners and test remediation for closure
• Design high-quality test plans and improve security control test activities through peer reviews that provide feedback and guidance to other GRC Engineers
• Provide GRC technology administration to include user training
• Mature security governance, training, and awareness programs
• Improve GRC handbook pages, procedures, and playbooks and maintain security program controlled documents
• Design GRC control automation and implement security GRC-related automation tasks
• Execute on quarterly individual Key Results that support team Objectives (OKRs)
• Maintains up-to-date knowledge of 6sense’s product, environment, systems, and architecture
• Actively prepares for weekly 1:1s with Manager and monthly skip levels
• Drives remediation of security risks and threats
• Adheres to strict deadlines and SLAs
• Participates in creation of milestones associated with major security projects
• Executes on milestones associated with major security projects
• Develops and maintains up-to-date handbook pages, runbooks, workflows, and dashboards
• Provides project status updates on a weekly basis
• Administers GRC technology

Preferred Qualifications

• Big 4 (KPMG, Deloitte, PwC, EY) or similar experience
• Bachelor's degree in a related field
• Relevant industry certifications, such as CISSP, CISM, or GIAC, are highly desirable
• Evangelizes security best practices
• Works independently to maintain and improve overall company security posture
• Collaborates with cross-functional teams
• Translates technical requirements into actionable and timebound requests
• Drives projects and tasks to completion by following up on questions, deadlines, and requests for input
• Maintains accuracy of information
• Proactive prioritization and escalation to management
• Strong communication skills, including verbal, written, and presentation skills

Benefits

• Health coverage
• Paid parental leave
• Generous paid time-off and holidays
• Quarterly self-care days off
• Stock options
• Access to our LinkedIn Learning platform
• Quarterly wellness education sessions