What are the responsibilities and job description for the Security Engineer position at AgreeYa Solutions?
Job Title : Senior Security Engineer
Location : 100% Remote
Duration : 12 Month Contract
Job Description :
Agreeya is Global integrator and seeking a Senior Security Engineer.
Objective :
We are looking for a Senior Security Engineer focused on third-party security risk management to help maintain, improve, and elevate our existing program. Reporting to the Third-Party Security Manager, you will support the overall operation and evolution of our third-party risk management program. The goal is to enforce and strengthen third-party security standards, perform assessments, track and report the security posture of our vendors and partners, and leverage technology to enable client to make quicker and better security-informed decisions.
You should have a broad technical background across a wide range of security disciplines and solutions, coupled with excellent presentation, writing, communication, and customer interface skills. Additionally, we are looking for someone experienced in risk and process automation and tool integration, who can enhance third-party security and seamlessly integrate it into our Remote Access strategy.
Responsibilities
Support the onboarding and oversight of key supplier and client relationships.
Assist with regulatory, client, internal, or other third-party audit / assessment requests.
Partner with internal stakeholders and senior leadership to make informed risk decisions regarding supplier selection and acquisitions.
Prepare regular and executive-level reporting on risk exposure for supplier and client audits / assessments.
Develop or refine assessment and risk management processes through system integration and risk automation.
Collaborate with other security and enterprise teams to optimize the third-party onboarding process.
Required Qualifications
Ability to communicate technical concepts to non-technical audiences.
Extensive experience leading and managing the full lifecycle of information security risk assessments and audits.
Deep knowledge of configuring, maintaining, and managing GRC / TPRM solutions.
In-depth understanding of information security frameworks and technical controls, with working knowledge of various regional and international compliance and privacy regulations.
Experience planning, developing, and implementing risk automation and system integrations to optimize third-party risk assessment and onboarding processes.
Development experience with Python, Go, or similar programming languages.
5 years of experience in Information Security Risk Management, Security Engineering, and / or GRC roles.
Desired Qualifications
Strong knowledge of access control and identity management systems.
Expertise in third-party continuous monitoring, supply chain monitoring, and threat intelligence.
Familiarity with data visualization tools for operational and risk tracking and reporting.
Working knowledge of one or more security domains, such as Identity & Access Management (I&AM), network security, cloud security, and / or application security.
Experience developing LLM applications with frameworks such as LangChain, AutoChain, or equivalent.
Experience developing or managing forensic watermarking tools to protect digital assets and enable traceability of leaks.
CISSP, CISA, CRISC, or similar certifications.
About AgreeYa :
AgreeYa Solutions is a leading global provider of software, solutions and services to small, medium and global Fortune 100 organizations. Founded in 1999 and headquartered in Folsom, Calif., AgreeYa has over 2,500 professionals helping clients across U.S, India, Mexico, and Singapore. Leveraging a technology-enabled, consultative approach and diverse talent, AgreeYa offers modern workplace, smart analytics, intelligent automation, AI / ML, cloud transformation, mobility and talent management solutions to deliver digital transformation to its clients. AgreeYa has received considerable recognition including certifications like Microsoft Solutions Partner and Cloud Solutions Provider, AICPA SOC 2 Type 2, SEI CMMI and ISO 9001 : 2015; and awards including 'Dream Company to Work For' and 'Best Employer Brand'.
