Founding Security Operations & GRC Lead

Job ID : 062626
Working type : Remote
Education level : All Education Levels
Salary range : $190000 – $140000
Employment type : Full time
Experience level : Mid Level
Currency :
Job type : Permanent
Job location : Remote, NY, US
Job title :
Job salary :
Job salary currency :
Job salary unit :
Company name :
Company website :
Company tagline :
Company twitter :
Company video :
Location :
City : Remote
State : NY
Country : US
Application :
Job expires :
Remote position :

Founding Security Operations & GRC Lead

A newly established fintech and trust bank focused on digital payments and digital asset infrastructure.


Confidential Search

 Location: Remote, U.S.-Based

 Employment Type: Full-Time

 Compensation: $140,000–$190,000 Base Salary (Depending on Experience)



Position Overview


The Founding Security Operations & GRC Lead will serve as the internal owner of security operations execution and governance activities across cloud infrastructure, enterprise technology, product platforms, and third-party vendors.


The organization leverages specialized security, infrastructure, compliance, and advisory partners for implementation and monitoring activities; however, internal ownership of security findings, remediation tracking, risk management, control evidence, and examination readiness remains critical.


This role is ideal for someone with experience in security operations, cloud security, security governance, technology risk management, audit support, or security compliance within regulated industries.


Key Responsibilities

Security Operations

Manage day-to-day security operations across cloud, product, vendor, and enterprise technology environments.

Monitor and coordinate remediation of security findings from security tools, cloud monitoring services, and third-party assessments.

Review, triage, prioritize, track, and escalate security alerts and security-related issues.

Coordinate security incident response activities, including investigation support, escalation, evidence preservation, communications, and post-incident review.

Cloud Security

Support cloud-security posture management within AWS environments.

Oversee security controls related to:

IAM

CloudTrail

AWS Config

Security Hub

GuardDuty

Inspector

Macie

KMS

Secrets Manager

WAF

Backup and recovery controls

Maintain cloud-security documentation and evidence for audits and examinations.

Governance, Risk & Compliance (GRC)

Maintain security control documentation, audit evidence, risk registers, and security exception records.

Support access governance activities, including user access reviews, privileged access certifications, and joiner/mover/leaver processes.

Prepare and organize security evidence for internal audits, external audits, regulatory examinations, and third-party reviews.

Assist with ongoing compliance and examination-readiness initiatives.

Vendor Risk & Oversight

Coordinate security oversight activities involving critical third-party providers and security partners.

Review vendor security documentation, assessment results, penetration-test reports, and remediation plans.

Track vendor-related security issues and follow up on corrective actions.

Secure Development & Vulnerability Management

Partner with engineering and platform teams to support secure SDLC controls.

Coordinate remediation activities for findings from:

Vulnerability assessments

Penetration tests

Code reviews

SAST tools

Dependency scans

Secrets scanning

Container security reviews

Track remediation progress and ensure timely closure of identified risks.

Regulatory & Examination Readiness

Maintain organized, accurate, and examination-ready security evidence.

Support regulatory readiness activities and ensure security controls remain properly documented and defensible.

Provide regular updates to leadership regarding security risks, incidents, remediation efforts, and control effectiveness.

Qualifications

Required

7+ years of experience in one or more of the following areas:

Security Operations

Cloud Security

Information Security

Technology Risk

Incident Response

Vulnerability Management

GRC / Security Compliance

Experience supporting security programs in regulated or audit-sensitive environments.

Strong understanding of:

Incident response

Alert triage

Access reviews

Vulnerability management

Risk remediation

Security control documentation

Hands-on experience with AWS security services and cloud-security operations.

Experience working with SIEM, MDR, EDR, vulnerability management, identity management, and ticketing platforms.

Ability to coordinate effectively across technical teams, business stakeholders, and external partners.

Strong documentation, communication, and organizational skills.

Preferred

Experience within:

Banking

Fintech

Payments

Trust companies

Financial services

Digital asset or custody environments

Familiarity with:

OCC examination readiness

FFIEC guidance

NIST CSF

NIST 800-53

SOC 2

GLBA

CIS Controls

Experience supporting AWS multi-account cloud environments.

Exposure to digital assets, blockchain, stablecoins, wallets, custody platforms, or regulated payment systems.

Experience supporting Microsoft 365, endpoint security, identity governance, EDR, or SASE technologies.

Professional certifications such as:

CISSP

CISM

CISA

CCSP

AWS Security Specialty

GIAC

Security+


What Makes This Opportunity Unique

Founding-level security leadership role with significant visibility and impact

Opportunity to help build security operations and governance programs from the ground up

Direct interaction with executive leadership, including CTO/CISO

Exposure to regulatory, cloud-security, vendor-risk, and audit-readiness initiatives

Collaborative environment supported by specialized security and compliance partners

Remote work flexibility within the United States


Interested candidates should possess a hands-on approach, strong ownership mentality, and the ability to thrive in a fast-paced, high-growth environment where security, compliance, and operational excellence are critical to success.


Ro apply, please email your resume to xjiang@pasona.com