Senior Security Engineer, GRC

All roles at JumpCloud are Remote unless otherwise specified in the Job Description.

About JumpCloud

JumpCloud delivers a unified open directory platform that makes it easy to securely manage identities, devices, and access across your organization. With JumpCloud, IT teams and MSPs enable users to work securely from anywhere and manage their Windows, Apple, Linux, and Android devices from a single platform. JumpCloud is IT Simplified.

About the Role:

JumpCloud is seeking a Senior Security Engineer for its Governance, Risk, and Compliance (GRC) team. This pivotal role involves the development, implementation, and management of GRC programs for all JumpCloud products and services. The successful candidate will be instrumental in upholding JumpCloud's security posture and safeguarding its users.

In this role, you will:

• • Ensure GRC objectives are aligned with the organization's overall business strategy and risk appetite
• Ensure the organization's compliance with a variety of regulatory and security frameworks (e.g., ISO 27001, SOC 2, PCI DSS, GDPR, DORA, etc.)
• Develop and implement processes for continuous compliance monitoring and evidence collection
• Coordinate and facilitate internal and external audits, serving as the primary liaison with auditors and regulatory bodies
• Maintain the risk register, tracking risks from identification through mitigation and acceptance
• Collaborate with business units and technical teams to develop and implement effective risk mitigation strategies and controls
• Track and manage audit findings and control gaps, working with control owners to drive remediation efforts and ensure timely resolution

You have:

• • 5+ years of experience in a GRC, information security, or compliance-focused role
• Experience writing Golang (or an equivalent language)
• Proven experience in designing, implementing, and managing GRC programs.
• Demonstrated experience with risk assessments, audit management, and policy development.
• Familiarity with various regulations and data privacy laws (e.g., GDPR, CCPA, etc.)
• Strong analytical and problem-solving skills, with a keen attention to detail.
• Excellent written and verbal communication skills, with the ability to translate complex technical information for both technical and non-technical audiences.
• Project management skills with the ability to manage multiple projects and priorities simultaneously.

Bonus points if you have the following Certifications:

• • Certified Information Systems Security Professional (CISSP)
• Certified in Risk and Information Systems Control (CRISC)
• Certified Information Security Manager (CISM)

Personal characteristics we are looking for:

• • Views security as an enabler, not an inhibitor to innovation
• Results oriented and self driven
• High level of integrity
• Ownership and accountability
• Clear communication
• Passionate about security

LI-

Where you'll be working/Location:

JumpCloud is committed to being Remote First, meaning that you are able to work remotely within the country noted in the Job Description.

You must be located in and authorized to work in the country noted in the job description to be considered for this role.

Please note: There is an expectation that our engineers participate in on-call shifts. You will be expected commit to being ready and able to respond during your assigned shift, so that alerts don't go unaddressed.

Language:

JumpCloud has teams in 15+ countries around the world and conducts our internal business in English. The interview and any additional screening process will take place primarily in English. To be considered for a role at JumpCloud, you will be required to speak and write in English fluently. Any additional language requirements will be included in the details of the job description.

Why JumpCloud?

If you thrive working in a fast, SaaS-based environment and you are passionate about solving challenging technical problems, we look forward to hearing from you JumpCloud is an incredible place to share and grow your expertise You'll work with amazing talent across each department who are passionate about our mission. We're out of the box thinkers, so your unique ideas and approaches for conceiving a product and/or feature will be welcome. You'll have a voice in the organization as you work with a seasoned executive team, a supportive board and in a proven market that our customers are excited about.

One of JumpCloud's three core values is to "Build Connections." To us that means creating " human connection with each other regardless of our backgrounds, orientations, geographies, religions, languages, gender, race, etc. We care deeply about the people that we work with and want to see everyone succeed." - Rajat Bhargava, CEO

Please submit your résumé and brief explanation about yourself and why you would be a good fit for JumpCloud. Please note JumpCloud is not accepting third party resumes at this time.

JumpCloud is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.

Scam Notice:

Please be aware that there are individuals and organizations that may attempt to scam job seekers by offering fraudulent employment opportunities in the name of JumpCloud. These scams may involve fake job postings, unsolicited emails, or messages claiming to be from our recruiters or hiring managers. Please note that JumpCloud will never ask for any personal account information, such as credit card details or bank account numbers, during the recruitment process. Additionally, JumpCloud will never send you a check for any equipment prior to employment.

All communication related to interviews and offers from our recruiters and hiring managers will come from official company email addresses ) and will never ask for any payment, fee to be paid or purchases to be made by the job seeker. If you are contacted by anyone claiming to represent JumpCloud and you are unsure of their authenticity, please do not provide any personal/financial information and contact us immediately at with the subject line "Scam Notice"

LI-Remote #BI-Remote

---