
Senior Security Engineer (Remote - US) at Jobgether

About Jobgether:

Jobgether is a Talent Matching Platform that partners with companies worldwide to efficiently connect top talent with the right opportunities through AI-driven job matching.

One of our companies is currently looking for a Senior Security Engineer in the United States.

We are seeking a highly skilled Senior Security Engineer to lead the implementation of Governance, Risk, and Compliance (GRC) strategies. This role focuses on automating evidence collection, enforcing security standards, and enhancing internal processes to ensure continuous compliance. Working closely with engineering, infrastructure, and audit teams, you will drive technical security initiatives across cloud-based environments. Your work will contribute to securing new product releases and supporting robust compliance frameworks such as SOC 2 and ISO 27001. This is a great opportunity for a security expert who thrives on building scalable systems, optimizing controls, and guiding cross-functional risk mitigation efforts.

Accountabilities:

- Lead the design and automation of GRC processes, including evidence gathering and control validation.
- Own the vulnerability management program and ensure effective remediation guidance.
- Conduct compliance reviews for new product features and internal systems.
- Build and maintain security metrics and reporting processes to track KPIs.
- Create and manage information security policies, standards, and recertification workflows.
- Partner with internal stakeholders and external auditors to ensure alignment with certification standards.
- Operate periodic access reviews and drive continuous improvements in security awareness programs.
- Evaluate and manage vendor compliance and associated risks.

- 6–8 years of experience in security engineering, GRC, or IT compliance within SaaS or cloud environments.
- Proficiency with scripting, APIs, and cloud platforms like AWS or Azure.
- Deep understanding of security frameworks and standards such as SOC 2, ISO 27001, 27018, and 27701.
- Hands-on experience with SIEM, vulnerability management, endpoint protection, and DLP tools.
- Strong project management skills and the ability to lead audits and technical assessments.
- Excellent written and verbal communication skills for documenting policies and guiding stakeholders.
- Familiarity with tools like Jira for compliance tracking and vendor due diligence processes.
- Industry certifications such as CISSP, CISA, or CRISC are a plus.

Company Location: United States.