GRC Manager

Description

Position: GRC Manager

#LI-Remote

US (EST Timezone), Canada - Remote Work/WFH

*Preference given to East Coast Timezones*

Role Summary 

We are seeking a seasoned Senior Security Engineer to lead the execution of security operations and internal security initiatives. This highly technical role will be the principal hands-on engineer responsible for securing our corporate and cloud infrastructure, supporting detection and response, and maturing security controls across the business. This role is ideal for someone who thrives in fast-moving environments, enjoys solving technical challenges end-to-end, and can independently drive security projects in close collaboration with IT, DevOps, and engineering. 

Key Responsibilities 

• Serve as the lead technical resource for internal security operations, including: 
• Endpoint and network security 
• AWS and Azure security configuration 
• Identity and Access Management (Entra ID, AWS IAM) 
• Threat detection and incident response 
• Design, implement, and optimize security tooling, monitoring, and controls 
• Collaborate with IT, DevOps, and engineering teams to design secure architectures and troubleshoot issues 
• Support compliance, audit, and risk management activities through technical controls and documentation 
• Collaborate with and mentor other security engineers and promote security best practices across the company 
• Lead or contribute to cross-functional security initiatives and internal project planning 

Requirements

Required Qualifications 

• 8+ years of hands-on security engineering experience across multiple domains (network, endpoint, cloud, IAM, detection/response) 
• Technical expertise in securing AWS environments (e.g., IAM, VPC, GuardDuty, KMS) 
• Familiarity with Azure security principles, especially around Entra ID and hybrid identity 
• Strong understanding of endpoint protection, logging/monitoring, and network segmentation 
• Demonstrated ability to independently manage and deliver complex technical projects 
• Excellent interpersonal and communication skills — able to lead meetings, present findings, and influence non-security stakeholders 
• Comfortable working in a fast-paced, high-responsibility environment with minimal supervision 

Nice to Haves 

• Exposure to application security concepts and ability to support AppSec initiatives 
• Familiarity with incident response frameworks and forensic analysis 
• Experience mentoring junior engineers 
• Knowledge of infrastructure-as-code, container security, or experience with security automation 
• Experience with compliance frameworks (e.g., ISO 27001, SOC 2)