Security & Compliance Engineer

1 week, 1 day ago
Full-time
Mid Level
DevOps and Infrastructure
Grant Street Group

Grant Street Group

Grant Street Group specializes in providing innovative cloud-based software solutions for tax collection, electronic payments, and auction services, aimed at enhancing the efficiency and effectiveness of government operations across various levels.

IT Services
251-1K
Founded 1997

Description

  • Support the day-to-day security posture of systems and services across cloud and on-prem environments.
  • Review vulnerability findings from scanners, penetration tests, and other assessments and drive remediation to closure.
  • Partner with infrastructure, platform, and engineering teams on secure configuration, access control, logging, monitoring, and incident readiness.
  • Support compliance and assessment activities related to GovRAMP/FedRAMP, PCI DSS, internal reviews, and third-party examinations.
  • Use AWS security tooling and help translate security and compliance requirements into practical operational outcomes.
  • Maintain documentation, procedures, and other operational artifacts so they remain aligned with the environment and control expectations.
  • Track remediation efforts, control monitoring, and audit-related follow-up across teams.
  • Contribute to security log management and monitoring processes.

Requirements

  • 3+ years of experience in security engineering, security operations, infrastructure security, or security compliance.
  • Hands-on experience working in Linux-based production environments and securing Linux systems.
  • Experience securing AWS environments and using services such as IAM, CloudTrail, GuardDuty, Security Hub, Config, Inspector, and KMS.
  • Working knowledge of vulnerability management, configuration management, logging, monitoring, access control, and incident response practices.
  • Scripting experience in Python, Bash, PowerShell, or similar for automation, security operations, and reporting tasks.
  • Strong written and verbal communication skills with the ability to move issues from discovery through remediation across multiple teams.
  • Experience supporting regulated or highly audited environments is a plus.
  • Familiarity with GovRAMP, FedRAMP, PCI DSS, SOC examinations, or similar frameworks is a plus.
  • Experience reviewing scanner output, penetration test findings, or security monitoring alerts and helping drive remediation is a plus.
  • Familiarity with POA&M tracking, exception handling, and remediation coordination is a plus.
  • Experience working across both cloud and legacy infrastructure is a plus.
  • Comfort using AI tools responsibly to support triage, investigation, scripting, documentation, and reporting is a plus.
  • Experience with security data lakes, OCSF schema management, or security data transformation pipelines is a plus.
  • Expected salary range of $100,000–$160,000 per year.

Benefits

  • Minimal travel, typically 2-3 weeks per year for on-site meetings.
  • Technology-rich work environment with strong collaboration tools.
  • Opportunity to work with an entrepreneurial, high-performing team.
  • Supportive culture that values teamwork, professional excellence, and individual responsibility.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Active Directory / Identity Engineer

Keywords Studios 10K-50K Internet Software & Services

Keywords Group is seeking an experienced Active Directory SME and Azure Identity Lead to guide company-wide identity architecture and support global IT across on-premises and cloud environments.

Active Directory Cybersecurity DHCP DNS PowerShell
13 hours, 19 minutes ago

Senior Security Compliance Engineer

Klaviyo 1K-5K IT Services

Klaviyo is seeking a Senior Security Compliance Engineer to help its Security Trust & Risk team automate and scale compliance operations, continuous monitoring, and GRC tooling across a fast-growing AI-first B2C CRM platform.

AWS CI/CD Go HIPAA Kubernetes Python REST API SQL
14 hours, 4 minutes ago

Website Security Engineer

PetDesk 51-250 Health Care Providers & Services

PetDesk is hiring a Website Security Specialist to protect its website portfolio by preventing vulnerabilities, responding to incidents, and maintaining secure technical operations across the full site lifecycle.

WordPress
14 hours, 4 minutes ago

Principal AI Security Specialist - Federal

Zscaler 1K-5K Internet Software & Services

Zscaler is hiring a Principal AI Security Specialist to lead field-facing enterprise AI security engagements, helping Fortune 500 customers adopt GenAI securely across complex sales cycles.

Cybersecurity Generative AI LLM
1 day, 13 hours ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers