Security Engineer

The Company Serving the People Who Serve the People 
Granicus is driven by the excitement of building, implementing, and maintaining technology that is transforming the Govtech industry by bringing governments and its constituents together. We are on a mission to support our customers with meeting the needs of their communities and implementing our technology in ways that are equitable and inclusive. Granicus has consistently appeared on the GovTech 100 list over the past 5 years and has been recognized as the best companies to work on BuiltIn.  
Over the last 25 years, we have served 5,500 federal, state, and local government agencies and more than 300 million citizen subscribers power an unmatched Subscriber Network that use our digital solutions to make the world a better place. With comprehensive cloud-based solutions for communications, government website design, meeting and agenda management software, records management, and digital services, Granicus empowers stronger relationships between government and residents across the U.S., U.K., Australia, New Zealand, and Canada. By simplifying interactions with residents, while disseminating critical information, Granicus brings governments closer to the people they serve—driving meaningful change for communities around the globe. Want to know more? See more of what we do here.  

What you will be doing:

• Manage and improve the operations of existing security tools, including Vulnerability Management, Threat Intelligence, end Endpoint Detection and Response
• Run vulnerability (SAST) and application (DAST) scans accurately and on a timely basis
• Work with Compliance colleagues to accurately document and track vulnerabilities and remediation
• Manage the lifecycle of organizational security tools
• Help technical teams determine application risks related to privileged access on endpoints
• Work with cross functional teams as a security representative during incidents
• Review proposed changes for potential security issues
• Participate in an on-call rotation to ensure 24x7 escalation support for incidents
• Ensure the confidentiality, integrity, and availability of information assets
• Some things we’d like you to know (you don’t have to have them all):
• A passion to figure out the who, what, when, and why of a situation
• An attention to detail to ensure the vulnerability management operations are run accurately
• Direct experience in the specific technical areas of systems administration, application development, database administration, network operations, or data center operations
• The ability to continuously learn new methods and technologies and identify gaps that should be addressed
• Experience in a common scripting language like Python, Powershell, etc
• Running a vulnerability management process using common technologies like Nessus
• Understanding of Infrastructure as a Service (IaaS) cloud platforms, such as IAM, compute (EC2), networking (VPC, Load Balancers), serverless (Lamda), and Containers (EKS), in order to identify and prioritize potential security challenges
• Familiarity with IDS/IPS, SIEM, DLP, firewalls, vulnerability management systems, and endpoint security products, including management and configuration of the tools
• Ability to write technical Standard Operating Procedures (SOPs) and train team members

Closing from Default - All locations
Don’t have all the skills/experience mentioned above? At Granicus, we are trying to build diverse, inclusive teams. We do not have degree requirements for most of our roles. If you don’t meet every requirement above but are excited to learn more, we encourage you to apply. We might just be able to find another role that could be a perfect fit! 
Security and Privacy Requirements-     Responsible for Granicus information security by appropriately preserving the Confidentiality, Integrity, and Availability (CIA) of Granicus information assets in accordance with the company's information security program.-     Responsible for ensuring the data privacy of our employees and customers, their data, as well as taking all required privacy training in a timely manner, in accordance with company policies.
The Team- We are a remote-first company with a globally distributed workforce across the United States, Canada, United Kingdom, India, Armenia, Australia, and New Zealand.
The Culture- At Granicus, we are building a transparent, inclusive, and safe space for everyone who wants to bea part of our journey.- A few culture highlights include – Employee Resource Groups to encourage diverse voices- Coffee with Mark sessions – Our employees get to interact with our CEO on very important andsometimes difficult issues ranging from mental health to work-life balance and current affairs. - Microsoft Teams communities focused on wellness, art, furbabies, family, parenting, and more.-=- - We bring in special guests from time to time to discuss issues that impact our employeepopulation 
The Impact- We are proud to serve dynamic organizations around the globe that use our digital solutions to make the world a better place — quite literally. We have so many powerful success stories that illustrate how our solutions are impacting the world. See more of our impact here.
Granicus is committed to providing equal employment opportunities. All qualified applicants and employees will be considered for employment and advancement without regard to race, color, religion, creed, national origin, ancestry, sex, gender, gender identity, gender expression, physical or mental disability, age, genetic information, sexual or affectional orientation, marital status, status regarding public assistance, familial status, military or veteran status or any other status protected by applicable law.