CrawlJobs Logo

Senior Security GRC Engineer

https://www.atlassian.com Logo

Atlassian

Location Icon

Location:
India , Bengaluru

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

The Senior Security GRC Engineer at Atlassian will be instrumental in implementing and managing the company's security risk and governance strategy. This role requires a deep understanding of cybersecurity and risk management, as well as the ability to collaborate with various stakeholders within Atlassian including but not limited to Security, Engineering, Risk and Compliance teams.

Job Responsibility:

  • Deliver technical expertise and innovation, providing security guidance to teams and promoting the adoption of industry-leading methodologies to build secure products by default
  • Drive technical solutions in security and risk management
  • Leverage data analytics and visualization, deriving actionable insights from security governance, risk, and compliance data
  • Promote automation and tooling, encouraging the use of the latest security tools to enhance product security processes
  • Proactively identify and mitigate risks, recognizing potential security threats or compliance concerns specific to product security
  • Collaborate with product security teams, implementing security controls and best practices
  • Regularly evaluate and report, assessing the effectiveness of security controls
  • Influence and align stakeholders, working with security engineers and stakeholders to drive alignment on security initiatives
  • Stay informed on regulatory awareness and compliance, keeping up with the latest developments in legislative, regulatory, and industry security requirements

Requirements:

  • 5-7+ years experience in a similar role, preferably in a large-scale SaaS/Product environment
  • Expertise and experience working in security-focused roles
  • Experience with application security, especially web applications
  • Experience in cloud security architecture and infrastructure
  • Experience providing SME knowledge and guidance to stakeholders and engineering functions
  • Experience working with internal/external audit and leadership teams
  • Solid knowledge of cybersecurity principles, risk management strategies, and IT governance frameworks
  • Strong communication and interpersonal skills, with the ability to interact with stakeholders at all levels and explain complex security concepts in an understandable way
  • Relevant certifications such as CISSP, CISM, or CRISC would be beneficial
  • Scripting experience to automate recurring tasks (JQL, SQL, Python, Go)
What we offer:
  • health coverage
  • paid volunteer days
  • wellness resources

Additional Information:

Job Posted:
April 23, 2025

Employment Type:
Fulltime
Work Type:
Remote work
Icon
Atlassian - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Senior Security GRC Engineer

Senior Security Engineer

We’re looking for an experienced security engineer to join our highly collaborat...
Location
Location
Canada; United States
Salary
Salary:
143000.00 - 210000.00 USD; CAD / Year
https://www.1password.com Logo
1Password
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 5+ years of combined experience in security, GRC, risk, or a related space with hands-on technical work building automation solutions as they relate to compliance controls, evidence, GRC platforms, etc.
  • experience in effectively analyzing data and programs for security risk, compliance, and maturity
  • willingness to wear different hats and work on areas where needed
  • must excel in communication, and demonstrate the ability to explain technical security concepts to a non-technical audience
  • must have a highly collaborative and teamwork-focused approach, as well as a heart for mentoring and leveling up your teammates
  • must be able to assess and mitigate corporate risk within the organization
  • sophisticated program/project management abilities
Job Responsibility
Job Responsibility
  • Own, design and manage the continued enhancement of various GRC programs including but not limited to strategy, roadmap, and controls to address regulatory requirements across multiple jurisdictions
  • communicate our compliance framework and various program requirements to all relevant stakeholders (internal and external)
  • engage cross-functionally with groups such as Engineering, Finance, Legal, Product, and Sales to establish a thoughtful, strategic and tactical approach to multiple GRC programs and related processes
  • assist with analysis and preparation for internal and external audits
  • accurately and effectively communicate our compliance position and programs to auditors and customers
  • partner with other members of the security team to establish security guidelines that enable the organization to move fast in a safe and secure manner
  • operate as a technical leader by helping define the GRC roadmap and by leveling up junior employees
  • build strong relationships with partner and stakeholder teams in order to build a scalable GRC program
What we offer
What we offer
  • Maternity and parental leave top-up programs
  • wellness spending allowance
  • generous PTO policy
  • company-wide wellness days off scheduled throughout the year
  • wellness coach membership
  • comprehensive health coverage
  • company equity for all full-time employees
  • retirement matching program
  • training budget, 1Password University access, and learning sessions
  • free 1Password account (and friends and family discount!)
  • Fulltime
Read More
Arrow Right

Senior Information Security Engineer

Serve as a technical leader in our Security team reporting to our Information Se...
Location
Location
United States , Boston
Salary
Salary:
150000.00 - 190000.00 USD / Year
whoop.com Logo
Whoop
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Computer Science, Information Security, or a related technical field and/or advanced certifications (CISSP, CISM, AWS Security Specialty, SANS, etc.)
  • 8+ years of hands-on experience in Information Security, IT Security, or a related role, including at least 2 years in a senior or lead capacity
  • Proven track record implementing and managing advanced security technologies (e.g., CASB, CNAPP, CSPM, SIEM, SOAR, DLP, SWG)
  • Experience securing AI/ML systems or APIs, including governance of third-party AI integrations and organizational use of AI tools
  • Strong understanding of modern cloud security architecture (AWS, Azure, GCP) and experience performing threat modeling and risk assessments on cloud-based systems
  • Hands-on experience with application security tooling (SAST, SCA, DAST) and embedding secure development practices
  • Demonstrated leadership in security incident response, investigations, and root cause analysis
  • Effective communicator with the ability to influence stakeholders and explain security concepts to technical and non-technical audiences
  • Strong project management skills and the ability to drive initiatives to completion in a fast-paced environment
  • Experience mentoring engineers and setting operational standards
Job Responsibility
Job Responsibility
  • Implement and enhance security controls by leading the deployment, integration, and tuning of solutions such as CNAPP, SIEM, CASB, EDR, DLP, and MDM to maximize effectiveness
  • Support security design decisions by providing subject matter expertise on cloud and SaaS security best practices while influencing architecture led by the Security Architect role
  • Lead incident response and investigations by guiding containment, remediation, root cause analysis, and post-incident improvements
  • Strengthen application security by overseeing secure development practices and managing SAST, SCA, and DAST tooling
  • Advance identity and access management by supporting IAM policy enforcement, SSO, MFA, SCIM, RBAC, and user lifecycle governance
  • Secure AI systems and integrations by assessing and protecting embedded APIs and organizational AI tool usage to ensure resilience, privacy, and compliance
  • Collaborate cross-functionally by working with Engineering, IT, and GRC teams to embed security into systems and workflows
  • Mentor and influence by providing technical guidance, reviewing work, and promoting security-first thinking across the organization
  • Stay ahead of threats and regulations by tracking emerging risks, technologies, and compliance requirements to inform forward-looking strategies
  • Participate in and help improve the on-call rotation by providing guidance, escalation support, and driving improvements in response processes
What we offer
What we offer
  • competitive base salaries
  • meaningful equity
  • generous equity package
  • Fulltime
Read More
Arrow Right

Senior Systems Security Engineer

AnaVation is looking for a Sr. Systems Security Engineer to assist the customer ...
Location
Location
United States , Washington
Salary
Salary:
Not provided
anavationllc.com Logo
AnaVation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-10 years of experience in information system engineering and configuration management
  • 5 years of experience in control implementation and secure system engineering or design
  • Excellent communication skills
  • Hands on experience with: Security monitoring and evaluation, including audits, assessments, and risk management
  • SIEM tools (e.g., Splunk)
  • Vulnerability Scanning tools (e.g., Tenable, Nessus)
  • EDR tools (e.g., Crowdstrike)
  • Web App Scanning tools (e.g., Burpsuite, Acunetix)
  • Active Directory
  • SANs
Job Responsibility
Job Responsibility
  • Performing hands-on engineering, administration, and securing of multiple operating systems (e.g., Windows, RHEL, Unix variants), and applying DISA STIGs across diverse vendor technologies, including virtualization platforms (VMWare, Hyper-V), cloud environments (AWS, Azure, Google Cloud), and enterprise applications
  • Perform system administration tasks to include audit and log management, availability monitoring and remediation, account management and access reviews, and configuration update scheduling and performance
  • Contribute to the design and development of secure system architectures, ensuring security is integrated through system and network lifecycles
  • Evaluate, implement, and document security architecture solutions, aligning with compliance requirements and organizational mission needs
  • Ensure technical compliance with applicable security frameworks, standards, and regulations (e.g., DISA SITGs, NIST 800-53, RMF)
  • Conducting, configuring, and managing vulnerability scans
  • Conducting vulnerability remediations, patching, and system hardening
  • Collaborate with ISSOs, Assessors, System Owners, and other stakeholders to implement security controls
  • Support security assessments, audits, and accreditation/authorization (ATO) activities
  • Document security configurations, engineering solutions, and compliance evidence
What we offer
What we offer
  • Generous cost sharing for medical insurance for the employee and dependents
  • 100% company paid dental insurance for employees and dependents
  • 100% company paid long-term and short term disability insurance
  • 100% company paid vision insurance for employees and dependents
  • 401k plan with generous match and 100% immediate vesting
  • Competitive Pay
  • Generous paid leave and holiday package
  • Tuition and training reimbursement
  • Life and AD&D Insurance
  • Fulltime
Read More
Arrow Right

Senior Information Security Compliance Analyst

We're looking for a technically grounded Senior IS Compliance Analyst who speaks...
Location
Location
United States , Chicago
Salary
Salary:
90000.00 - 130000.00 USD / Year
blumeglobal.com Logo
Blume Global
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Hands-on experience in technical security roles such as Security Operations, Incident Response, Security Analysis, penetration testing, or similar
  • Practical knowledge of security tools, SIEM platforms, vulnerability management, and security monitoring
  • and ability to read and understand security logs, configurations, and technical documentation
  • 6+ years of total experience with significant time in GRC
  • Working knowledge of ISO 27001, NIST frameworks, SOC 1/2, and GDPR requirements
  • Experience developing and implementing information security policies and controls
  • ISO 27001:2022 Lead Implementer and Lead Auditor certification
Job Responsibility
Job Responsibility
  • Lead technical security assessments and integration of acquired companies, mapping their security architectures and controls to our GRC frameworks, identifying gaps, and building remediation roadmaps that address both technical security and compliance alignment
  • Bridge technical security and business stakeholders by evaluating risks through a technical lens, working alongside security engineering teams to translate GRC requirements into practical security measures, and communicating effectively across technical and non-technical audiences
  • Develop and harmonize security policies and control frameworks across acquired entities, ensuring they're both audit ready and operationally sound, while translating between technical security requirements and governance documentation
  • Own customer security questionnaire responses by leveraging your hands-on security background to provide detailed, accurate answers and collaborating with infrastructure, application security, and operations teams to gather technical evidence
  • Drive continuous improvement of our GRC program through technical security enhancements, meaningful security and compliance metrics, and process improvements that increase both control effectiveness and operational efficiency
What we offer
What we offer
  • health and welfare benefits
  • tuition assistance
  • 401K savings and other retirement programs
  • employee assistance programs
Read More
Arrow Right

Info Security Full Stack Engineer

The Info Security Tech Sr Analyst is an intermediate level position responsible ...
Location
Location
India , Pune; Mumbai
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Knowledge of 3rd party supplier controls and risk assessment for applications is preferred
  • At least 3+ years’ demonstrated performance as a technical SME in a highly regulated environment with 8+ years of experience as a developer
  • Experience with technical documentation, API specifications, architectural diagrams etc.
  • Experience in the design and implementation of compliance programs and projects
  • Strong written and oral communication skills, attention to detail and ability to deliver high quality materials, results oriented
  • Role model for and driver of a culture of ethics, learning and accountability
  • Positive, can-do attitude, action and results-oriented, decisive, and willing to take control of a situation when required
  • trusted advisor with sound judgment even when operating under pressure or significant stress
  • Exceptional candidates who do not meet all criteria may be considered for the role based on skills, ability to learn and positive, do what it takes attitude to drive success
  • Technical skills: HTML, CSS, JSAngular v13 (preferred),SharePoint development, SharePoint Workflow development
Job Responsibility
Job Responsibility
  • Developing and configuring solutions based on business needs and inputs
  • Develop tools and solutions to integrate risk management applications with other Citi systems
  • Test planning, coordination, and tracking including unit testing, integration testing, and User Acceptance
  • Ensuring that appropriate governance and oversight rules are implemented and adhered to
  • Drive quality in work, documentation and reporting
  • Provide feedback to improve efficiency, to simplify existing solutions as part of continuous improvement
  • Be a partner for Internal Teams looking to introduce new capabilities within their business
  • Assist with regulatory requests
  • Collaborate with senior Citi management across business and functional lines in case of need as each introduce new capabilities, to keep SaaS activity within our risk tolerance
  • Drive continuous improvement efforts for quality and efficiency
  • Fulltime
Read More
Arrow Right
New

Senior Security Engineer

We’re looking for a Senior Security Engineer to lead and scale our security moni...
Location
Location
Spain
Salary
Salary:
Not provided
maisa.ai Logo
Maisa
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years in security engineering, detection & response, or SOC/IR roles, with strong hands-on technical depth
  • Proven experience building and operating SIEM (Splunk, Elastic, or other equivalent SIEM platforms) detections, alerting, and dashboards in production environments
  • Strong incident response skills: investigation, evidence collection and custody-chain enforcement, containment strategies, and communications
  • Solid knowledge of AWS security (CloudTrail, GuardDuty concepts, IAM, VPC flow logs, CloudWatch, etc.) and common cloud attack techniques
  • Practical experience securing Kubernetes environments (cluster telemetry, runtime signals, RBAC, admission controls, workload identity)
  • Ability to write and maintain detections/playbooks as code (Python, Go, or similar), and comfort with automation and APIs
  • Strong understanding of attacker behavior, log sources, and detection tradeoffs (precision vs. recall)
Job Responsibility
Job Responsibility
  • Own detection engineering end-to-end: build, tune, and maintain threat detections across cloud, Kubernetes, workloads, and identity, focusing on high-fidelity signals and actionable alerts
  • Operate and evolve SIEM & SOAR: develop ingestion pipelines, parsing/normalization, enrichment, correlation, dashboards, and automated playbooks (triage, containment, evidence collection)
  • Threat detection & alerting strategy: define alert standards (severity, SLAs, routing), reduce noise, and establish measurable detection coverage mapped to frameworks (e.g., MITRE ATT&CK)
  • Incident response leadership: act as an incident responder and escalation point. Coordinate investigations, containment, eradication, recovery, and build incident reports
  • improve processes based on learnings
  • Detection content lifecycle: write, test, deploy, and continuously tune detection rules
  • maintain version control, peer review, and CI/CD for detections/playbooks
  • Threat hunting & proactive analysis: conduct hypothesis-driven hunts, identify gaps, and translate findings into new detections and automated response
  • Cross-functional collaboration: partner with GRC, SRE, and Engineering teams to harden services, improve observability, and roll out secure-by-default controls
  • Documentation and enablement: create runbooks, playbooks, and training so on-call responders and stakeholders can act quickly and consistently
  • Fulltime
Read More
Arrow Right

Senior Governance, Risk and Compliance Analyst - Governance

Come join the company that is reinventing cloud security and empowering business...
Location
Location
Netherlands
Salary
Salary:
Not provided
wiz.io Logo
Wiz
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in one or more of the Governance, Risk, and Compliance domains
  • Passion for security and keeping Wiz safe
  • Ability to collaborate with technical and non-technical teams alike to further oversight responsibilities of Security
  • Deep knowledge of one or more industry frameworks such as ISO 27001, ISO 27017, SOC 2, PCI DSS, NIST CSF, etc. and baseline knowledge of others
  • Ability to assist with security compliance assessments to ensure compliance with internal and external requirements (ISO, NIST, CIS, etc.)
  • Experience working in a fast-paced tech environment both independently, and collaboratively within a team environment
  • Ability to build strong relationships across teams and functions in a global workplace
  • Applicants must have the legal right to work in the country where the position is based, without the need for visa sponsorship
Job Responsibility
Job Responsibility
  • Design and update policies, procedures, and controls to drive confidentiality, integrity, and availability across the Wiz environment
  • Continuously improve processes, tools, and procedures for audit and compliance management
  • Collaborate and work cross-functionally across the company to address governance and compliance needs and to support the Wiz Control Framework, partnering with Engineering, Product, Sales, Legal, HR, and other teams
  • Proactively improvement control design and performance to address a changing risk landscape
  • Deliver timely audits through working with internal and external auditors
  • Help customer-facing teams respond to information security requirements and questionnaires
  • Assist with third party risk management reviews, assessing vendor’s security, compliance, and privacy posture
  • Participate in team project management, including documentation, project planning, task management, and prioritization
  • Participate in recurring annual core audits (e.g., SOC 2, ISO, PCI)
  • Maintain awareness of security and regulatory trends, perform research and analysis on new certifications, and help Wiz pursue new international compliance initiatives
Read More
Arrow Right
New

Senior Technical Program Manager

The Senior Technical Program Manager, Security & GRC will work directly with our...
Location
Location
United States
Salary
Salary:
200000.00 - 220000.00 USD / Year
humaninterest.com Logo
Human Interest
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in CS, Engineering, or a related field
  • Started career as a Security Engineer, Systems Administrator, or Analyst
  • TPM professional for 5+ years, specifically managing high-stakes security, privacy, or infrastructure initiatives
  • Deep understanding of the Security SDLC and experience navigating cloud-native service architectures (AWS/GCP) with a focus on security guardrails
  • Experience translating regulatory frameworks (e.g., SOC2, ISO 27001, FedRAMP, or GDPR) into concrete technical requirements
  • Proven ability to 'go deep' and comfortable looking at architectural diagrams, API docs, or cloud configurations to find root causes
  • Exceptional communication skills with a knack for explaining the 'why' behind a security control to a developer and the 'how' of a technical fix to an auditor
  • Strong ability to leverage data—from vulnerability scanners to Jira velocity—to tell a story and drive cross-functional decision-making
Job Responsibility
Job Responsibility
  • Technical security orchestration: Partner with Security Engineering, Risk, Product, and Infrastructure teams to bake security and compliance 'into the kiln'
  • Help design risk solutions: Dive deep into the security stack to not only identify execution blockers but actively architect the technical solutions to implement them
  • Help architect our security mission: Define the technical milestones for high-stakes initiatives like Zero Trust and IAM overhauls, translating a broad vision into a precise execution roadmap
  • Drive high-velocity operations: Lead agile security sprints that harmonize vulnerability remediation and threat detection with feature development
  • Optimize the 'rhythm of the business' by automating manual GRC workflows, eliminating manual friction and moving us toward Compliance as Code
  • Translate telemetry into narrative: Distill complex security data and telemetry into compelling risk narratives for leadership while maintaining high-fidelity technical depth for engineers
  • Optimize the defensive roadmap: Command long-term strategic planning by aligning cloud infrastructure costs and security tooling with the company’s overarching defensive goals
  • Cultivate organizational excellence: Uphold a relentless culture of focus and accountability, identifying systemic inefficiencies and driving impact through superior tooling and process engineering
What we offer
What we offer
  • A great 401(k) plan: Our own! Our 401(k) includes a dollar-for-dollar employer match up to 4% of compensation (immediately vested) and $0 plan fees
  • Top-of-the-line health plans, as well as dental and vision insurance
  • Competitive time off and parental leave
  • Addition Wealth: Unlimited access to digital tools, financial professionals, and a knowledge center to help you understand your equity and support your financial wellness
  • Lyra: Enhanced Mental Health Support for Employees and dependents
  • Carrot: Fertility healthcare and family forming benefits
  • Candidly: Student loan resource to help you and your family plan, borrow, and repay student debt
  • Monthly work-from-home stipend
  • quarterly lifestyle stipend
  • Engaging team-building experiences, ranging from virtual social events to team offsites, promoting collaboration and camaraderie
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy