Job description

AgileEngine is one of the Inc. 5000 fastest-growing companies in the US and a top-3 ranked dev shop according to Clutch.
We create award-winning custom software solutions that help companies across 15+ industries change the lives of millions. If you like a challenging environment where you're working with the best and are encouraged to learn and experiment every day, there's no better place - guaranteed! :)

What you will do
- Perform regular vulnerability scans across systems and applications; analyze findings and prioritize remediation based on business risk.
- Maintain accurate asset inventories, including SBOM/HBOM for core systems.
- Collaborate with IT/DevOps teams to track and validate the remediation of security vulnerabilities.
- Coordinate evidence collection and preparation for external audits (SOC2, HITRUST, PCI DSS), reducing the operational burden on engineering teams.
- Develop and maintain internal security policies and standards aligned with compliance requirements.
- Monitor compliance posture, identify gaps, and support remediation plans.
- Conduct recurring risk assessments to identify security control weaknesses and emerging threats.
- Maintain the organization's risk register and follow up on mitigation efforts.
- Evaluate risks related to emerging technologies, including generative AI.
- Support incident response activities and address security inquiries from clients and partners.
- Provide day-to-day guidance on security best practices to internal stakeholders.

Must have
- 4+ years of experience in cybersecurity with a focus on risk management and compliance.
- Strong understanding of vulnerability management and risk assessment methodologies (NIST RMF, ISO 27001).
- Hands-on experience with compliance frameworks (SOC2, HITRUST, PCI DSS).
- Excellent analytical skills and a collaborative approach, especially when working with IT and DevOps teams.
- Upper-intermediate English level.

Nice to haves
- Familiarity with security tooling for audit automation or asset tracking.
- Experience supporting incident response and customer-facing security assessments.
- Awareness of modern security challenges in the healthcare or SaaS environment.

The benefits of joining us
- Professional growth: accelerate your professional journey with mentorship, TechTalks, and personalized growth roadmaps.
- Competitive compensation: we match your ever-growing skills, talent, and contributions with competitive USD-based compensation and budgets for education, fitness, and team activities.
- A selection of exciting projects: join projects with modern solutions development and top-tier clients that include Fortune 500 enterprises and leading product brands.
- Flextime: tailor your schedule for an optimal work-life balance, by having the options of working from home and going to the office – whatever makes you the happiest and most productive.

Next steps after you apply
The next steps of your journey will be shared via email within a few hours.
Please check your inbox regularly and watch for updates from our internal applicant site, LaunchPod, which will guide you through the process.