Senior Cybersecurity GRC Specialist shaping Orion Pharma's cybersecurity governance, risk management, and compliance. Engaging with teams to enhance security posture and meet regulatory standards.
About the role
- Lead Cyber Security Engineer for fast-growing fintech company specializing in credit card solutions. Focus on designing and implementing cybersecurity in cloud-first, API-driven environment.
Responsibilities
- Own the technical execution of the cybersecurity program
- Provide leadership to a team of cybersecurity engineers, including performance coaching, workload prioritization, and professional development
- Design and operate security controls across AWS environments
- Implement and maintain IAM, encryption, secrets management, and network security
- Define and enforce secure API and application security standards
- Integrate security tooling into CI/CD pipelines (SAST, DAST, dependency scanning)
- Perform threat modeling, vulnerability assessments, and remediation
- Monitor security events and lead technical incident response
- Support SOC 2, PCI DSS, and related audit and compliance activities
- Conduct security reviews of vendors, partners, and third-party integrations
- Act as a security subject-matter expert and advisor to engineering teams
Requirements
- BA or BS Degree in Computer Science or related degree is preferred
- High School Diploma or GED required
- Minimum of 6–10 years of experience in cybersecurity, cloud infrastructure, or software engineering is required
- 2–4 years in a senior or lead security engineering role
- Hands-on experience securing cloud-native, SaaS or FinTech platforms
- Direct experience with AWS-based, API-heavy architectures
- Strong hands-on experience with: AWS IAM, VPC, KMS, Security Hub, GuardDuty, CloudTrail
- Secure API design (OAuth2, JWTs, mTLS)
- Infrastructure-as-Code (Terraform or CloudFormation)
- CI/CD security and DevSecOps practices
- Solid understanding of OWASP Top 10 and API Security Top 10
- Strong technical judgment and ownership mindset
- Ability to communicate security risks clearly to engineers and leadership
- Pragmatic, risk-based approach to security
- Comfortably operating independently and remaining deeply hands-on
- AWS Certified Security – Specialty certification is a plus
- CISSP, CCSP, CISM, or GIAC certifications are preferred
- Experience in regulated FinTech or financial services environments preferred
Benefits
- Competitive compensation and benefits
- Hybrid work schedule allows for three (3) core days in the office and two (2) remote workdays
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Product Security expert ensuring secure software development at NETGEAR. Championing security practices and monitoring vulnerabilities while collaborating with development teams.
System Architect driving secure cloud - native applications using cutting - edge technologies for Product Security at Nokia. Leading AI - driven design and architecture with collaboration across global teams.
Cyber Security Engineer protecting data from threats in a fintech startup. Collaborating with the Information Security Team and implementing security controls for technical projects.
Junior Security Incident Responder in an innovative IT service company protecting clients against cyber threats. Collaborating with teams to enhance IT security and respond to incidents.
Security Incident Responder managing IT security incidents in the Security Operations Center, analyzing threats and coordinating responses effectively for clients' safety.
Senior Security Engineer developing and enhancing security infrastructure for Bank Frick, a pioneer in blockchain banking. Responsible for managing security processes and collaborating with IT teams.
Werkstudent Cyber Security bei Wavestone, Unterstützung im IT - Consulting und Entwicklung im Bereich Cyber - Sicherheit. Analyse von Trends und aktive Teilnahme an Teamaktivitäten.
Project Manager for Security Technology managing complex security projects in MENA region. Involving internal teams and external integrators ensuring project success and client satisfaction.
Cyber Security Manager at British American Tobacco strengthening cyber resilience across Western Europe. Responsible for managing security initiatives and collaborating with regional teams.