Senior Security Engineer - GRC

About role :

This position reports to the Sr. Manager, GRC, and you will be part of 6sense’s Security department. The Governance, Risk, and Compliance (GRC) team aligns security with business objectives while managing risks and meeting industry standards, regulations, and contractual obligations. GRC enforces governance, implements risk management strategies, and ensures compliance by operating as the second line of defense.

Responsibilities & Accountabilities :

• Execute on milestones for end-to-end GRC initiatives in accordance with the Security roadmap.
• Lead internal and external audit engagements.
• Oversee and execute complex control tests, third-party and operational security risk assessments and communicate results across multiple audiences with varying levels of sensitivity.
• Develop issue and risk treatment plans with owners and test remediation for closure.
• Design high-quality test plans and improve security control test activities through peer reviews that provide feedback and guidance to other GRC Engineers.
• Provide GRC technology administration to include user training. 
• Mature security governance, training and awareness programs.
• Improve GRC handbook pages, procedures and playbooks and maintain security program controlled documents.
• Design GRC control automation and implement security GRC related automation tasks.
• Execute on quarterly individual Key Results that support team Objectives (OKRs).

Performance Measurement :

• Maintains up-to-date knowledge of 6sense’s product, environment, systems and architecture 
• Actively prepares for weekly 1:1s with Manager and monthly skip levels 
• Drives remediation of security risks and threats   
• Adheres to strict deadlines and SLAs 
• Participates in creation of milestones associated with major security projects 
• Executes on milestones associated with major security projects 
• Develops and maintains up to date handbook pages, runbooks, workflows and dashboards 
• Provides project status update on weekly basis 
• Administers GRC technology 

Educational and Experience Requirements 

• 5+ years of experience being part of a GRC or similar team 
• 1+ years of experience developing automation 
• Experience with security tools and cloud environments (e.g., GRC, Vulnerability Scanners, SIEM, SOAR, AWS)  
• Experience with industry frameworks, regulations and standards, such as: ISO 27001, SOC 2, GDPR, PCI, SOX, NIST, etc. #LI-remote