Senior Information Security Controls Automation Engineer (Cybersecurity)

TL;DR

Senior Information Security Controls Automation Engineer (Cybersecurity): Responsible for automating the review of security controls, both on-premises and in the cloud, with an accent on cybersecurity governance, risk, and compliance (GRC). Focus on implementing scripts or integrations for cloud and on-prem environments, validating outputs against security controls, and developing compliance dashboards.

Location: Hybrid

Company

hirify.global is a global data and technology company, powering opportunities for people and businesses around the world.

What you will do

• Analyze and automate existing manual test steps for assessing operating effectiveness of security controls in both cloud and on-prem environments.
• Develop automated control mechanisms (e.g. scripts, APIs, compliance dashboards), integrating validation logic into CI/CD pipelines, cloud environments, and endpoint tools.
• Allow continuous control monitoring (CCM) by developing reusable logic and ensuring automated controls produce evidence fit to support control assessments.
• Develop dashboards visualizing compliance status and resolve platform integration errors.
• Analyze false positives and lead remediation of those indicators.
• Maintain a control automation backlog and document all automated control logic, control mappings and system configurations.

Requirements

• 5+ years of experience in automation development.
• A bachelor's degree in computer science, management information systems, relevant field, or equivalent demonstrable experience.
• Knowledge of security tooling (e.g. SIEM, Identity and Access Management platforms, DLP), cloud platforms (AWS, GCP, Azure), Infrastructure as Code (Terraform) and scripting languages (e.g. Python, JavaScript, Ruby, C#, PowerShell).
• Knowledge of cloud architecture and cybersecurity domains and principles.
• Experience in efficiency and risk reduction.
• Professional certification such as AWS Solutions Architect, CCSP, CISSP, CRISC, ISO 27001 Lead Auditor, or equivalent.

Nice to have

• Experience with workflow automation platform tines.io is beneficial.
• Experience with Open Policy Agent (OPA) and Rego.
• Experience with information security control testing methodologies, information security risk assessments, and auditing tools is beneficial.

Culture & Benefits

• Medical, life and dental insurance.
• Asociación Solidarista.
• International Share Save Plan.
• Flex Work/Work from home.
• Paid time off, Birthday day off, Annual Performance Bonus, Education Reimbursement, Family Bonding, Bereavement Leave, Referral Program, and more.