Grant Street GroupRemote
Security & Compliance Engineer
United States of America
Full Time
5 hours ago
$100,000 - $160,000 USD
H1B Sponsor Likely
Key skills
Security engineeringSecurity operationsInfrastructure securitySecurity complianceLinuxAWSAWS IAMAWS CloudTrailAWS GuardDutyAWS Security HubAWS ConfigAWS InspectorAWS KMSVulnerability managementConfiguration managementLoggingMonitoringAccess controlIncident responsePythonBashPowerShellAIIAMSaaSCommunication
About this role
Grant Street Group is a growing company providing SaaS products in areas such as electronic payments, auctions, and tax collection. They are seeking a hands-on Security & Compliance Engineer to help maintain and improve the operational security of their Linux-based systems and services across hybrid AWS and on-prem environments. The role focuses on vulnerability management, security log management, control monitoring, remediation tracking, audit support, and cross-team coordination.
Responsibilities:
- Support the day-to-day security posture of systems and services across cloud and on-prem environments
- Review vulnerability findings from scanners, penetration tests, and other assessments, and help drive remediation to closure
- Partner with infrastructure, platform, and engineering teams on secure configuration, access control, logging, monitoring, and incident readiness
- Support compliance and assessment activities related to GovRAMP/FedRAMP, PCI DSS, internal reviews, and third-party examinations
- Use AWS security tooling effectively, support day-to-day security processes, and help translate security and compliance requirements into practical, durable operational outcomes
- Maintain documentation, procedures, and other operational artifacts so they stay aligned with the environment and current control expectations
Requirements:
- 3+ years of experience in security engineering, security operations, infrastructure security, or security compliance
- Hands-on experience working in Linux-based production environments and securing Linux systems
- Experience securing AWS environments and using services such as IAM, CloudTrail, GuardDuty, Security Hub, Config, Inspector, and KMS
- Working knowledge of vulnerability management, configuration management, logging, monitoring, access control, and incident response practices
- Scripting experience in Python, Bash, PowerShell, or similar for automation, security operations, and reporting tasks
- Strong written and verbal communication skills, with the ability to move issues from discovery through remediation across multiple teams
- Experience supporting regulated or highly audited environments
- Familiarity with GovRAMP, FedRAMP, PCI DSS, SOC examinations, or similar frameworks
- Experience reviewing scanner output, penetration test findings, or security monitoring alerts and helping drive remediation
- Familiarity with POA&M tracking, exception handling, and remediation coordination
- Experience working across both cloud and legacy infrastructure
- Comfort using AI tools responsibly to support workflows such as triage, investigation, scripting, documentation, and reporting
- Experience with security data lakes, OCSF schema management, or security data transformation pipelines