Key Responsibilities
- Design and implement enterprise-wide security and risk management frameworks with compliance-as-code principles.
- Translate regulatory requirements into technical controls and automated governance processes.
- Identify, communicate, and remediate technology risks and internal control gaps.
- Lead deep-dive technical risk assessments, threat modeling, and delivery of security metrics.
- Coordinate external audits (e.g., SOC 2, ISO 27001) and ensure timely, successful outcomes.
- Provide security training and guidance to engineering and operations teams.
Requirements
- 10+ years in cybersecurity, with at least 3 years of hands-on software development experience.
- Proven leadership in cloud-first environments; strong expertise with AWS and cloud infrastructure security.
- In-depth knowledge of GRC processes, network security architecture, and infrastructure-as-code.
- Practical experience with tools such as Open Policy Agent, InSpec, or CloudFormation Guard.
- Strong written communication skills for regulatory and audit documentation.
- Professional certifications such as CISSP, CISA, AWS CCP, or similar are advantageous.
To apply, please click “APPLY NOW” or email Sandra at sandrapriya@gritsearch.com.
Data provided is for recruitment purposes only.
Due to the volume of applications received, we regret to inform you that only shortlisted candidates will be notified.