CrawlJobs Logo

Senior Security GRC Engineer

https://www.atlassian.com Logo

Atlassian

Location Icon

Location:
India , Bengaluru

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

The Senior Security GRC Engineer at Atlassian will be instrumental in implementing and managing the company's security risk and governance strategy. This role requires a deep understanding of cybersecurity and risk management, as well as the ability to collaborate with various stakeholders within Atlassian including but not limited to Security, Engineering, Risk and Compliance teams.

Job Responsibility:

  • Deliver technical expertise and innovation, providing security guidance to teams and promoting the adoption of industry-leading methodologies to build secure products by default
  • Drive technical solutions in security and risk management
  • Leverage data analytics and visualization, deriving actionable insights from security governance, risk, and compliance data
  • Promote automation and tooling, encouraging the use of the latest security tools to enhance product security processes
  • Proactively identify and mitigate risks, recognizing potential security threats or compliance concerns specific to product security
  • Collaborate with product security teams, implementing security controls and best practices
  • Regularly evaluate and report, assessing the effectiveness of security controls
  • Influence and align stakeholders, working with security engineers and stakeholders to drive alignment on security initiatives
  • Stay informed on regulatory awareness and compliance, keeping up with the latest developments in legislative, regulatory, and industry security requirements

Requirements:

  • 5-7+ years experience in a similar role, preferably in a large-scale SaaS/Product environment
  • Expertise and experience working in security-focused roles
  • Experience with application security, especially web applications
  • Experience in cloud security architecture and infrastructure
  • Experience providing SME knowledge and guidance to stakeholders and engineering functions
  • Experience working with internal/external audit and leadership teams
  • Solid knowledge of cybersecurity principles, risk management strategies, and IT governance frameworks
  • Strong communication and interpersonal skills, with the ability to interact with stakeholders at all levels and explain complex security concepts in an understandable way
  • Relevant certifications such as CISSP, CISM, or CRISC would be beneficial
  • Scripting experience to automate recurring tasks (JQL, SQL, Python, Go)
What we offer:
  • health coverage
  • paid volunteer days
  • wellness resources

Additional Information:

Job Posted:
April 23, 2025

Employment Type:
Fulltime
Work Type:
Remote work
Icon
Atlassian - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Senior Security GRC Engineer

Senior Security Engineer

We’re looking for an experienced security engineer to join our highly collaborat...
Location
Location
Canada; United States
Salary
Salary:
143000.00 - 210000.00 USD; CAD / Year
https://www.1password.com Logo
1Password
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 5+ years of combined experience in security, GRC, risk, or a related space with hands-on technical work building automation solutions as they relate to compliance controls, evidence, GRC platforms, etc.
  • experience in effectively analyzing data and programs for security risk, compliance, and maturity
  • willingness to wear different hats and work on areas where needed
  • must excel in communication, and demonstrate the ability to explain technical security concepts to a non-technical audience
  • must have a highly collaborative and teamwork-focused approach, as well as a heart for mentoring and leveling up your teammates
  • must be able to assess and mitigate corporate risk within the organization
  • sophisticated program/project management abilities
Job Responsibility
Job Responsibility
  • Own, design and manage the continued enhancement of various GRC programs including but not limited to strategy, roadmap, and controls to address regulatory requirements across multiple jurisdictions
  • communicate our compliance framework and various program requirements to all relevant stakeholders (internal and external)
  • engage cross-functionally with groups such as Engineering, Finance, Legal, Product, and Sales to establish a thoughtful, strategic and tactical approach to multiple GRC programs and related processes
  • assist with analysis and preparation for internal and external audits
  • accurately and effectively communicate our compliance position and programs to auditors and customers
  • partner with other members of the security team to establish security guidelines that enable the organization to move fast in a safe and secure manner
  • operate as a technical leader by helping define the GRC roadmap and by leveling up junior employees
  • build strong relationships with partner and stakeholder teams in order to build a scalable GRC program
What we offer
What we offer
  • Maternity and parental leave top-up programs
  • wellness spending allowance
  • generous PTO policy
  • company-wide wellness days off scheduled throughout the year
  • wellness coach membership
  • comprehensive health coverage
  • company equity for all full-time employees
  • retirement matching program
  • training budget, 1Password University access, and learning sessions
  • free 1Password account (and friends and family discount!)
  • Fulltime
Read More
Arrow Right

Senior Information Security Engineer

Serve as a technical leader in our Security team reporting to our Information Se...
Location
Location
United States , Boston
Salary
Salary:
150000.00 - 190000.00 USD / Year
whoop.com Logo
Whoop
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Computer Science, Information Security, or a related technical field and/or advanced certifications (CISSP, CISM, AWS Security Specialty, SANS, etc.)
  • 8+ years of hands-on experience in Information Security, IT Security, or a related role, including at least 2 years in a senior or lead capacity
  • Proven track record implementing and managing advanced security technologies (e.g., CASB, CNAPP, CSPM, SIEM, SOAR, DLP, SWG)
  • Experience securing AI/ML systems or APIs, including governance of third-party AI integrations and organizational use of AI tools
  • Strong understanding of modern cloud security architecture (AWS, Azure, GCP) and experience performing threat modeling and risk assessments on cloud-based systems
  • Hands-on experience with application security tooling (SAST, SCA, DAST) and embedding secure development practices
  • Demonstrated leadership in security incident response, investigations, and root cause analysis
  • Effective communicator with the ability to influence stakeholders and explain security concepts to technical and non-technical audiences
  • Strong project management skills and the ability to drive initiatives to completion in a fast-paced environment
  • Experience mentoring engineers and setting operational standards
Job Responsibility
Job Responsibility
  • Implement and enhance security controls by leading the deployment, integration, and tuning of solutions such as CNAPP, SIEM, CASB, EDR, DLP, and MDM to maximize effectiveness
  • Support security design decisions by providing subject matter expertise on cloud and SaaS security best practices while influencing architecture led by the Security Architect role
  • Lead incident response and investigations by guiding containment, remediation, root cause analysis, and post-incident improvements
  • Strengthen application security by overseeing secure development practices and managing SAST, SCA, and DAST tooling
  • Advance identity and access management by supporting IAM policy enforcement, SSO, MFA, SCIM, RBAC, and user lifecycle governance
  • Secure AI systems and integrations by assessing and protecting embedded APIs and organizational AI tool usage to ensure resilience, privacy, and compliance
  • Collaborate cross-functionally by working with Engineering, IT, and GRC teams to embed security into systems and workflows
  • Mentor and influence by providing technical guidance, reviewing work, and promoting security-first thinking across the organization
  • Stay ahead of threats and regulations by tracking emerging risks, technologies, and compliance requirements to inform forward-looking strategies
  • Participate in and help improve the on-call rotation by providing guidance, escalation support, and driving improvements in response processes
What we offer
What we offer
  • competitive base salaries
  • meaningful equity
  • generous equity package
  • Fulltime
Read More
Arrow Right

Senior Systems Security Engineer

AnaVation is looking for a Sr. Systems Security Engineer to assist the customer ...
Location
Location
United States , Washington
Salary
Salary:
Not provided
anavationllc.com Logo
AnaVation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-10 years of experience in information system engineering and configuration management
  • 5 years of experience in control implementation and secure system engineering or design
  • Excellent communication skills
  • Hands on experience with: Security monitoring and evaluation, including audits, assessments, and risk management
  • SIEM tools (e.g., Splunk)
  • Vulnerability Scanning tools (e.g., Tenable, Nessus)
  • EDR tools (e.g., Crowdstrike)
  • Web App Scanning tools (e.g., Burpsuite, Acunetix)
  • Active Directory
  • SANs
Job Responsibility
Job Responsibility
  • Performing hands-on engineering, administration, and securing of multiple operating systems (e.g., Windows, RHEL, Unix variants), and applying DISA STIGs across diverse vendor technologies, including virtualization platforms (VMWare, Hyper-V), cloud environments (AWS, Azure, Google Cloud), and enterprise applications
  • Perform system administration tasks to include audit and log management, availability monitoring and remediation, account management and access reviews, and configuration update scheduling and performance
  • Contribute to the design and development of secure system architectures, ensuring security is integrated through system and network lifecycles
  • Evaluate, implement, and document security architecture solutions, aligning with compliance requirements and organizational mission needs
  • Ensure technical compliance with applicable security frameworks, standards, and regulations (e.g., DISA SITGs, NIST 800-53, RMF)
  • Conducting, configuring, and managing vulnerability scans
  • Conducting vulnerability remediations, patching, and system hardening
  • Collaborate with ISSOs, Assessors, System Owners, and other stakeholders to implement security controls
  • Support security assessments, audits, and accreditation/authorization (ATO) activities
  • Document security configurations, engineering solutions, and compliance evidence
What we offer
What we offer
  • Generous cost sharing for medical insurance for the employee and dependents
  • 100% company paid dental insurance for employees and dependents
  • 100% company paid long-term and short term disability insurance
  • 100% company paid vision insurance for employees and dependents
  • 401k plan with generous match and 100% immediate vesting
  • Competitive Pay
  • Generous paid leave and holiday package
  • Tuition and training reimbursement
  • Life and AD&D Insurance
  • Fulltime
Read More
Arrow Right

Senior Information Security Compliance Analyst

We're looking for a technically grounded Senior IS Compliance Analyst who speaks...
Location
Location
United States , Chicago
Salary
Salary:
90000.00 - 130000.00 USD / Year
blumeglobal.com Logo
Blume Global
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Hands-on experience in technical security roles such as Security Operations, Incident Response, Security Analysis, penetration testing, or similar
  • Practical knowledge of security tools, SIEM platforms, vulnerability management, and security monitoring
  • and ability to read and understand security logs, configurations, and technical documentation
  • 6+ years of total experience with significant time in GRC
  • Working knowledge of ISO 27001, NIST frameworks, SOC 1/2, and GDPR requirements
  • Experience developing and implementing information security policies and controls
  • ISO 27001:2022 Lead Implementer and Lead Auditor certification
Job Responsibility
Job Responsibility
  • Lead technical security assessments and integration of acquired companies, mapping their security architectures and controls to our GRC frameworks, identifying gaps, and building remediation roadmaps that address both technical security and compliance alignment
  • Bridge technical security and business stakeholders by evaluating risks through a technical lens, working alongside security engineering teams to translate GRC requirements into practical security measures, and communicating effectively across technical and non-technical audiences
  • Develop and harmonize security policies and control frameworks across acquired entities, ensuring they're both audit ready and operationally sound, while translating between technical security requirements and governance documentation
  • Own customer security questionnaire responses by leveraging your hands-on security background to provide detailed, accurate answers and collaborating with infrastructure, application security, and operations teams to gather technical evidence
  • Drive continuous improvement of our GRC program through technical security enhancements, meaningful security and compliance metrics, and process improvements that increase both control effectiveness and operational efficiency
What we offer
What we offer
  • health and welfare benefits
  • tuition assistance
  • 401K savings and other retirement programs
  • employee assistance programs
Read More
Arrow Right

Info Security Full Stack Engineer

The Info Security Tech Sr Analyst is an intermediate level position responsible ...
Location
Location
India , Pune; Mumbai
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Knowledge of 3rd party supplier controls and risk assessment for applications is preferred
  • At least 3+ years’ demonstrated performance as a technical SME in a highly regulated environment with 8+ years of experience as a developer
  • Experience with technical documentation, API specifications, architectural diagrams etc.
  • Experience in the design and implementation of compliance programs and projects
  • Strong written and oral communication skills, attention to detail and ability to deliver high quality materials, results oriented
  • Role model for and driver of a culture of ethics, learning and accountability
  • Positive, can-do attitude, action and results-oriented, decisive, and willing to take control of a situation when required
  • trusted advisor with sound judgment even when operating under pressure or significant stress
  • Exceptional candidates who do not meet all criteria may be considered for the role based on skills, ability to learn and positive, do what it takes attitude to drive success
  • Technical skills: HTML, CSS, JSAngular v13 (preferred),SharePoint development, SharePoint Workflow development
Job Responsibility
Job Responsibility
  • Developing and configuring solutions based on business needs and inputs
  • Develop tools and solutions to integrate risk management applications with other Citi systems
  • Test planning, coordination, and tracking including unit testing, integration testing, and User Acceptance
  • Ensuring that appropriate governance and oversight rules are implemented and adhered to
  • Drive quality in work, documentation and reporting
  • Provide feedback to improve efficiency, to simplify existing solutions as part of continuous improvement
  • Be a partner for Internal Teams looking to introduce new capabilities within their business
  • Assist with regulatory requests
  • Collaborate with senior Citi management across business and functional lines in case of need as each introduce new capabilities, to keep SaaS activity within our risk tolerance
  • Drive continuous improvement efforts for quality and efficiency
  • Fulltime
Read More
Arrow Right

Senior Security Engineer, GRC Automation

1Password is looking for a Senior Security Engineer – GRC to design and implemen...
Location
Location
United States; Canada
Salary
Salary:
156000.00 - 210000.00 USD; CAD / Year
https://www.1password.com Logo
1Password
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in security engineering, DevSecOps, solutions engineering, or GRC automation roles
  • Proven experience working with GRC, compliance, or audit teams to build automation that supports evidence collection, control testing, or security monitoring
  • Direct experience implementing and integrating GRC platforms (e.g., Drata, Vanta, Tines, JupiterOne) into production environments
  • Strong scripting and integration skills using Python, JavaScript, APIs, webhooks, or workflow automation tools
  • Ability to work cross-functionally with security, compliance, legal, and infrastructure teams to translate policies into scalable technical systems
  • Familiarity with compliance frameworks such as SOC 2, ISO 27001, or NIST 800-53, and how they map to real-world infrastructure and operations
Job Responsibility
Job Responsibility
  • Lead the implementation and integration of our GRC platform, ensuring it is fully operationalized across key systems and workflows
  • Build out automated workflows for control testing, evidence collection, and audit readiness
  • Develop and maintain integrations between the GRC platform and systems of record (e.g., ticketing systems, IAM, asset inventories, configuration management)
  • Design dashboards and reporting to track control health, trust signals, and audit performance
  • Collaborate with teams across Security, GRC, and Engineering to embed compliance into operational processes like employee onboarding, change management, and incident response
  • Shape the roadmap for automated, resilient internal assurance infrastructure that grows alongside the business
What we offer
What we offer
  • Health and wellbeing: Maternity and parental leave top-up programs
  • Competitive health benefits
  • Generous PTO policy
  • Growth and future: RSU program for most employees
  • Retirement matching program
  • Free 1Password account
  • Community: Paid volunteer days
  • Peer-to-peer recognition through Bonusly
  • Remote-first work environment
  • Fulltime
Read More
Arrow Right
New

Senior Manager, Security Engineering

The Security Engineering team at Fullstory ensures that engineering teams across...
Location
Location
United States
Salary
Salary:
230.00 - 240.00 USD / Year
fullstory.com Logo
Fullstory
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Has full-time people leadership experience in a similar type of team
  • Has experience owning, planning, and executing business-level security initiatives
  • Experience building sustainable security programs with an emphasis on customer service, partnership, and enablement of software engineering and business stakeholders
  • Experience participating in security architecture, risk management, vendor diligence, threat analysis, and other dimensions of technical expertise to support team initiatives
  • Experience directly managing security vendor relationships, project scoping, deployment, etc.
  • Ability to leverage AI tools to enhance work quality and accelerate timelines by implementing AI solutions that optimize efficiency
Job Responsibility
Job Responsibility
  • Lead a team of application and cloud security engineers, including strategy and mentorship
  • Enable our partners, such as Security GRC and Legal, in supporting business outcomes
  • Create paved roads, with a focus on automation, to speed up secure-engineering practices
  • Own and maximize investments in third-party security services, consultants, and technologies
  • Run incident response investigations in collaboration with Legal and external security firms
  • Advise peer leaders on cross-business initiatives and product strategy on security and risk
What we offer
What we offer
  • Flexible PTO policy
  • Annual company-wide closure
  • Federal holidays
  • Sponsored benefit packages for US-based Fullstorians
  • Supplemental coverage options for international Fullstorians
  • Professional development opportunities through training programs
  • Annual learning subsidy for US and EMEA-based employees
  • Monthly productivity stipend for US and EMEA-based Fullstorians
  • Team off-sites
  • Annual full-company meet-up
  • Fulltime
Read More
Arrow Right
New

Lead Security Architect

We are looking for a Lead Security Architect to define and evolve the company’s ...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
instadeep.com Logo
InstaDeep
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years in enterprise and cloud security architecture
  • 5+ years in identity, access, and network trust design
  • 3+ years facilitating threat modeling and secure design reviews
  • Strong experience defining architecture standards and translating principles into practical patterns
  • Experience working across enterprise IT, cloud platforms, infrastructure, and product environments
  • Experience engaging with senior stakeholders across technical and non-technical functions
  • Security architecture at enterprise and cloud scale
  • Zero Trust and IAM architecture
  • Secure integration and trust-boundary design
  • Threat modeling and architecture review governance
Job Responsibility
Job Responsibility
  • Security architecture leadership
  • Define architecture principles and implementation patterns for Zero Trust, identity, authorization, trust boundaries, segmentation, secure integration, and secure access
  • Set the strategic direction for enterprise, cloud, and data security architecture
  • Define target-state architecture for Enterprise IT, Cloud, and Infrastructure, including IAM and identity trust models, reverse proxy and secure access architecture, network and data segmentation, cloud-native control patterns
  • Lead the development of architecture standards for secure integration between IT and product environments
  • Partner closely with Global IT Security Engineering on IAM, endpoint, VPN, reverse proxy, and access-tool integration
  • Define security architecture for AI/ML workflows, cloud-native data platforms, and ML pipelines
  • Establish and maintain AI/ML trust-boundary models
  • Support architecture and product teams on secure AI adoption
  • Shape standards for data governance and access design, ML pipeline trust boundaries, model and data protection patterns, secure use of AI assistants and AI-enabled workflows
  • Fulltime
Read More
Arrow Right