AgileEngine is an Inc. 5000 company that creates award-winning software for Fortune 500 brands and trailblazing startups across 17+ industries. We rank among the leaders in areas like application development and AI/ML, and our people-first culture has earned us multiple Best Place to Work awards.

If you're looking for a place to grow, make an impact, and work with people who care, we'd love to meet you!

We're looking for GRC Engineer to join our team and play a critical role in enhancing the security posture of our production. In this role, you'll lead efforts to upgrade end-of-life operating systems, ensure software dependency compliance, and remediate critical security findings. You'll also be instrumental in standardizing our SaaS application security and collaborating cross-functionally to drive security initiatives.

- Lead Operating System Upgrades: Spearhead the planning and execution of upgrades for end-of-life operating systems across our production and cloud environments, minimizing disruption and ensuring system stability.

- Dependency Management & Compliance: Own the process of identifying and updating software dependencies to ensure compliance with internal standards and industry regulations.

- Vulnerability Remediation (CVEs): Proactively identify, prioritize, and implement patches for Common Vulnerabilities and - Exposures (CVEs) across our infrastructure and applications.

- GRC Collaboration: Partner closely with our Governance, Risk, and Compliance (GRC) team to remediate identified gaps, including developing and documenting Business Continuity Plans (BCP) and Disaster Recovery Plans (DRP).

- SaaS Application Security: Drive the migration and integration of various SaaS applications behind Okta for centralized identity and access management, enhancing our overall security posture.

- Cross-Functional Communication: Effectively communicate remediation plans, timelines, and progress to stakeholders across engineering, product, and business teams.

- Mentorship & Guidance: Provide technical guidance and mentorship to other engineers on best practices for secure infrastructure and application development.

- Process Improvement: Identify and implement improvements to our security processes, tools, and automation to increase efficiency and effectiveness.

- 5+ years of experience in infrastructure engineering, site reliability engineering, or a similar role with a strong focus on Governance, Risk, and Compliance (GRC)

- Deep understanding of Linux and Windows operating systems, including patching, configuration management, and upgrade methodologies.

- Strong knowledge of common security vulnerabilities, attack vectors, and remediation techniques.

- Excellent problem-solving skills and the ability to work collaboratively in a fast-paced environment.

- Strong communication skills to work effectively with cross-functional teams.

- Experience with security tools like Crowdstrike, Rapid7, Devo, ArmorCode, and others.

- Familiarity with security frameworks (e.g., NIST, ISO 27001) is a plus.

- Experience with Okta or similar IdP solutions, including integrating applications and configuring authentication policies.

- Experience in scripting languages like Python, Bash, or PowerShell.

- Hands-on experience with major cloud providers (AWS, Azure, or GCP) and their security services.

- Experience with infrastructure-as-code tools like Terraform, Ansible, or CloudFormation.

- Certifications in cloud technologies (e.g., AWS Certified DevOps Engineer, Azure DevOps Engineer Expert).

- Familiarity with CI/CD pipelines and integrating security into the development lifecycle.

- Experience in a regulated industry.

- Professional growth: Accelerate your professional journey with mentorship, TechTalks, and personalized growth roadmaps.

- Competitive compensation: We match your ever-growing skills, talent, and contributions with competitive USD-based compensation and budgets for education, fitness, and team activities.

- A selection of exciting projects: Join projects with modern solutions development and top-tier clients that include Fortune 500 enterprises and leading product brands.

- Flextime: Tailor your schedule for an optimal work-life balance, by having the options of working from home and going to the office – whatever makes you the happiest and most productive.