GRC Engineer - Remote Eligible

GRC Engineer India (Flexible)

Role Overview: Drive the integrity and scalability of the Genesys Cloud GRC program by securing a modern, microservices-based SaaS platform operating at global scale. This role protects customer, employee, and enterprise data by embedding security and compliance into cloud architecture, engineering workflows, and audit processes. At Genesys, we are redefining customer experience through AI, cloud, and empathy-driven innovation, and this role directly influences how securely that experience is delivered worldwide. You will partner across engineering, product, and audit teams to shape secure design decisions, strengthen control frameworks, and enable continuous compliance in a fast-evolving environment. This position offers visibility into enterprise-scale systems, exposure to advanced cloud security practices, and the opportunity to influence platform-level security strategy.

Key Responsibilities:

• Lead technical security assessments across applications, cloud services, and third-party integrations to strengthen risk posture and ensure continuous compliance
• Validate and enhance security controls across AWS environments to improve resilience, data protection, and audit readiness
• Drive architecture reviews to identify security gaps, misconfigurations, and design risks, influencing secure system design at scale
• Partner with engineering teams to implement secure SDLC practices, including zero trust and least privilege principles
• Deliver audit readiness by leading technical walkthroughs, presenting evidence, and demonstrating control effectiveness to external auditors
• Translate regulatory and framework requirements into scalable technical controls that align with ISO 27001, SOC 2, PCI DSS, and internal standards
• Own GRC program activities including risk assessments, gap analysis, remediation tracking, and evidence management across business units
• Enable continuous improvement by advancing risk assessment methodologies, automation, and security tooling across the organization
• Provide expert guidance on threat modeling, vendor risk assessments, and third-party security evaluations to reduce enterprise risk exposure.

Required Qualifications:

• 2+ years of experience in GRC, security engineering, architecture review, or related technical security roles
• Strong understanding of AWS cloud security controls and SaaS security principles
• Experience supporting audits and demonstrating control effectiveness in regulated environments
• Working knowledge of frameworks such as ISO 27001, ISO 27017, ISO 27018, SOC 2, and PCI DSS
• Ability to conduct technical risk assessments and translate findings into actionable recommendations
• Understanding of CI/CD pipelines, IAM, network security, and logging systems
• Strong communication skills with the ability to convey technical risks to business stakeholders
• Experience using version control systems such as Git.

Preferred Qualifications:

• Experience with global compliance frameworks such as K-FSI, ISMAP, IRAP Protected, UK Cyber Essentials Plus, DORA, ENS, or HDS
• Hands-on experience reviewing architecture diagrams, data flows, and engineering design patterns
• Exposure to additional cloud platforms such as AWS, GCP or Azure
• Experience conducting cloud architecture security reviews
• Programming or scripting experience in Python or PowerShell
• Familiarity with AI or ML architecture governance and security considerations
• Experience with API integrations and orchestration
• Knowledge of threat modeling methodologies and security-as-code practices
• Industry certifications such as CISM, CRISC, CISSP, CCSP, or AWS Security Specialty
• Experience working in high-scale SaaS or regulated environments
• Demonstrated leadership in GRC initiatives or cross-functional security programs