Security & Compliance Engineer

Grant Street Group

Job Overview

Location

United States (Remote)

Job Type

Full-time

Full Job Description

📋 Description

• As a Security & Compliance Engineer at Grant Street Group, you will play a critical role in safeguarding the company’s SaaS platforms that handle electronic payments, auctions, and tax collection by transforming security findings into actionable fixes across hybrid AWS and on-prem Linux environments.
• Your day-to-day responsibilities will include reviewing vulnerability findings from scanners and penetration tests, driving remediation to closure, supporting compliance activities for GovRAMP/FedRAMP and PCI DSS, maintaining security documentation, and collaborating with engineering and infrastructure teams on secure configurations, logging, monitoring, and incident readiness.
• Grant Street Group is a growing provider of mission-critical SaaS solutions in the public sector and financial services space, where security and compliance are foundational to customer trust and operational continuity.
• In this role, you will deepen your expertise in cloud security, compliance frameworks, and operational security practices while contributing directly to audit readiness and the continuous improvement of security posture across complex hybrid environments.

🎯 Requirements

• 3+ years of experience in security engineering, security operations, infrastructure security, or security compliance
• Hands-on experience working in Linux-based production environments and securing Linux systems
• Experience securing AWS environments and using services such as IAM, CloudTrail, GuardDuty, Security Hub, Config, Inspector, and KMS
• Working knowledge of vulnerability management, configuration management, logging, monitoring, access control, and incident response practices
• Scripting experience in Python, Bash, PowerShell, or similar for automation, security operations, and reporting tasks
• Strong written and verbal communication skills, with the ability to move issues from discovery through remediation across multiple teams

🏖️ Benefits

• Opportunity to work across both cloud and legacy infrastructure in a hybrid environment
• Chance to support regulated and highly audited environments including GovRAMP, FedRAMP, and PCI DSS
• Ability to use AI tools responsibly to enhance workflows in triage, investigation, scripting, and reporting
• Experience with security data lakes, OCSF schema management, and security data transformation pipelines
• Involvement in POA&M tracking, exception handling, and remediation coordination processes
• Exposure to cross-team collaboration on secure configuration, access control, logging, monitoring, and incident readiness

Skills & Technologies

Python

AWS

Linux

Remote

Ready to Apply?

Apply Externally

You will be redirected to an external site to apply.

AI Job Fit Analysis

Pro

See exactly how your profile matches this role — strengths, skill gaps, and what to do about them.

Grant Street Group

Visit Website

About Grant Street Group

Grant Street Group is a privately-held financial technology firm founded in 1997 in Pittsburgh, Pennsylvania. The company provides cloud-based software and services that automate payments, collections, auctions, and compliance for public-sector clients, including state and local governments, utilities, and courts. Core platforms handle online real-estate tax payments, electronic vehicle registration, electronic tolling, and municipal bond auctions. The company emphasizes security, scalability, and regulatory compliance, processing billions in transactions annually without holding customer funds. Its solutions integrate with existing government systems, reduce manual processing, and offer real-time reporting, serving more than 2,500 public agencies across the United States.

View Company Profile

Get more remote jobs like this

Subscribe to the weekly newsletter for similar remote roles and curated hiring updates.

Weekly remote jobs and featured talent.

No spam. Only curated remote roles and product updates. You can unsubscribe anytime.