Security & Compliance Engineer

Responsibilities

• Support the day-to-day security posture of systems and services across cloud and on-prem environments.
• Review vulnerability findings from scanners, penetration tests, and other assessments, and help drive remediation to closure.
• Partner with infrastructure, platform, and engineering teams on secure configuration, access control, logging, monitoring, and incident readiness.
• Support compliance and assessment activities related to GovRAMP/FedRAMP, PCI DSS, internal reviews, and third-party examinations.
• Use AWS security tooling effectively, support day-to-day security processes, and help translate security and compliance requirements into practical, durable operational outcomes
• Maintain documentation, procedures, and other operational artifacts so they stay aligned with the environment and current control expectations.
• What makes you a great fit?
• 3+ years of experience in security engineering, security operations, infrastructure security, or security compliance.
• Hands-on experience working in Linux-based production environments and securing Linux systems.
• Experience securing AWS environments and using services such as IAM, CloudTrail, GuardDuty, Security Hub, Config, Inspector, and KMS.
• Working knowledge of vulnerability management, configuration management, logging, monitoring, access control, and incident response practices.
• Scripting experience in Python, Bash, PowerShell, or similar for automation, security operations, and reporting tasks.
• Strong written and verbal communication skills, with the ability to move issues from discovery through remediation across multiple teams.
• Experience with any of the following is a plus
• Experience supporting regulated or highly audited environments.
• Familiarity with GovRAMP, FedRAMP, PCI DSS, SOC examinations, or similar frameworks.
• Experience reviewing scanner output, penetration test findings, or security monitoring alerts and helping drive remediation.
• Familiarity with POA&M tracking, exception handling, and remediation coordination.
• Experience working across both cloud and legacy infrastructure.
• Comfort using AI tools responsibly to support workflows such as triage, investigation, scripting, documentation, and reporting.
• Experience with security data lakes, OCSF schema management, or security data transformation pipelines.
• There is minimal travel: typically 2-3 weeks per year for on-site meetings.
• Expected Salary Range: $100,000 - $160,000/year

Additional Information

Are you the kind of security professional who likes turning findings into fixes? Do you enjoy working across AWS, Linux, and compliance-driven environments to keep systems secure and practical? If so, you may be the perfect fit for Grant Street Group! Grant Street Group is a growing company providing SaaS products in areas such as electronic payments, auctions, and tax collection. We're looking for a hands-on Security & Compliance Engineer to help maintain and improve the operational security of our linux based systems and services across hybrid AWS and on-prem environments. This role focuses on vulnerability management, security log management, control monitoring, remediation tracking, audit support, and cross-team coordination.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at Grant Street Group? Share your experience