Gravie

Principal Information Security Engineer

Gravie

full-time

Posted on:

Location Type: Hybrid

Location: Minneapolis • Minnesota • 🇺🇸 United States

Visit company website
AI Apply
Apply

Salary

💰 $169,200 - $282,000 per year

Job Level

Lead

Tech Stack

AWSCloud

About the role

  • Assist the Chief Information Security Officer with all aspects of Gravie’s Information Security Program (Governance, Education & Awareness, Vulnerability Management, Incident Response, Security Engineering, Security Operations, etc.)
  • Develop your expertise and own entire verticals within our Information Security Program
  • Build a comprehensive Application Security Program and/or Vulnerability Management Program with a high degree of autonomy and creativity
  • Provide strategic input and be a stakeholder in how the security program evolves
  • Conduct outreach efforts and present on security topics internally at Gravie
  • Build relationships and collaborate with system owners to identify, track and remediate system and/or software vulnerabilities
  • Contribute to incident response efforts and support the evolution of our Security Incident Response Plan (SIRP)

Requirements

  • A track record of execution and delivery showing initiative, creativity and reliability
  • Strong verbal and written communication skills with an ability to elegantly convey complex topics and build consensus with stakeholders at all levels
  • Deep expertise with at least one of our security verticals with experience in a few
  • Experience on a small, high performing team with a wide range of responsibilities
  • AWS expertise with a mastery of modern cloud security/engineering topics
  • Development/Application Security background with an ability to create and lead an Application Security Program, lead a public Bug Bounty Program and be a go-to resource and security liaison for our Product Team
  • Experience building and running a comprehensive Vulnerability Management Program in a modern cloud environment.
  • Experience as an Incident Commander responsible for leading incident response efforts
  • Experience with GRC security functions related to HIPAA, SOC 2 and NIST.
  • Bachelor’s degree in Computer Science, Engineering, or a related field
Benefits
  • standard health and wellness benefits
  • alternative medicine coverage
  • flexible PTO
  • up to 16 weeks paid parental leave
  • paid holidays
  • 401k program
  • transportation perks
  • education reimbursement
  • 1 week of paid paw-ternity leave

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
Application SecurityVulnerability ManagementIncident ResponseSecurity EngineeringCloud SecurityAWSBug Bounty ProgramGRC SecurityHIPAASOC 2
Soft skills
communication skillsinitiativecreativityreliabilitycollaborationstakeholder engagementpresentation skillsconsensus buildingleadershipteamwork
Medtronic

Senior Product Security Engineer

Medtronic
Seniorfull-time$126k–$188k / yearColorado, Connecticut, Massachusetts, Minnesota · 🇺🇸 United States
Posted: 8 hours agoSource: medtronic.wd1.myworkdayjobs.com
CloudCyber SecuritySDLC
nVent

Senior Manager, Cybersecurity – Governance, Risk, Compliance

nVent
Seniorfull-time$146k–$272k / yearMinnesota, Wisconsin · 🇺🇸 United States
Posted: 23 hours agoSource: nvent.wd5.myworkdayjobs.com
Cyber Security
nVent

Director, Cybersecurity – Incident Response

nVent
Leadfull-time$175k–$255k / yearMinnesota, Wisconsin · 🇺🇸 United States
Posted: 23 hours agoSource: nvent.wd5.myworkdayjobs.com
Cyber SecurityTCP/IP
U.S. Bank

Information Security Engineer – Data Protection

U.S. Bank
Mid · Seniorfull-time$98k–$116k / yearMinnesota, North Carolina, Ohio · 🇺🇸 United States
Posted: 2 days agoSource: usbank.wd1.myworkdayjobs.com
AWSAzureCloudFirewallsPython