GRC Security Engineer - Quantum Computing

Quantum computing and security are intimately connected. One day, quantum computers will render RSA trivially crackable; today, protecting our cutting edge research is essential. As a Security Engineer focused on GRC, you’ll help drive our implementation of security audit programs like SOC 2 and NIST 800-53, privacy regimes like GDPR, and even help with SOX. This is an opportunity for a security engineer with an emerging or existing interest in the next generation of computing to bring their diverse background and talents into the future. We’d love a blend of hands-on experience as well as tactical and strategic direction.

In the first three months, you’ll be helping to ensure that our environments meet audit standards through iterative review and automation so that we can meet advanced requirements in security standards..

Responsibilities:

• Lead our SOC 2, NIST 800-53, NIST 800-171 and other governance, risk and compliance efforts
• Develop and document processes supporting secure operations
• Collect evidence in support of audits and risk assessments
• Perform risk assessments and internal auditing
• Prepare teams across the company through exercises, training, and collaboration
• Collaborate with both technical and non-technical teams, from legal, to engineering, to finance, to operations, to supply chain

 The ideal candidate will be detail oriented and enjoy working with security frameworks and delivering quality evidence in support of governance, risk and compliance efforts.  A candidate may have more experience with the audit and compliance side (GRC), or on the automation side, but either way will be excited to combine those two fluidly and pragmatically to help provide adaptive and efficient security assurance.

You’d be a good fit with:

• Bachelor’s degree in Computer Science or equivalent practical experience -- untraditional backgrounds are welcome and encouraged!
• Familiarity with SOC 2, NIST800-53 and other infosec frameworks
• Technical experience in systems administration, software engineering, digital forensics, security engineering and/or privacy engineering
• Background in security risk management and analysis
• Excitement to learn and get things done right
• Empathy for your internal and external customers and excellent communication skills, since you’ll be working with folks of all backgrounds -- technical and non-technical alike!

You’d be a great fit with:

• Masters degree in Cybersecurity
• Proven ability to lead security initiatives and conversations
• Prior experience with SOC2 audits
• Prior experience with security automation tools