We are seeking an eGRC Senior API Developer to support the implementation of a modernized enterprise Governance, Risk and Compliance (eGRC) platform through automation, integration and process optimization. This role is responsible for developing and integrating automation solutions, supporting cybersecurity process modernization and collaborating with stakeholders to improve governance, risk and compliance capabilities. The eGRC Senior API Developer position partners with Professional Services resources and cyber practitioners to deliver secure, efficient and scalable automation solutions. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market.
What you'll be doing:
- Install, configure and deploy workflow technologies for use in a federal environment.
- Integrate Security Orchestration, Automation and Response (SOAR) solutions with RegScale and Axonius.
- Troubleshoot automation solutions, scripts and SOAR platforms.
- Develop custom scripts and content to support automation initiatives.
- Automate cybersecurity and compliance-related processes.
- Perform quality reviews of custom scripts and developed content.
- Practice good technique by utilizing configuration control and code retention tools such as GitHub .
- Participate in documented change control processes.
- Research and document cybersecurity processes, including Risk Management Framework (RMF) 2.0 and Cyber Supply Chain Risk Management (C-SCRM).
- Interview cyber practitioners to capture existing cybersecurity processes.
- Review and recommend enhancements to cybersecurity processes.
- Coordinate with cyber practitioners to refine automation content and ensure mission requirements are met.
- Capture, refine and mature development processes and practices.
What you need to know:
- SOAR technologies and automation concepts.
- Scripting and software development practices.
- Cybersecurity functions, processes and automation.
- RMF functions and processes.
- Configuration management, source code repositories and change control practices.
- Cybersecurity process analysis, documentation and process improvement.
Must have's:
- Bachelor's degree in Information Management, Cybersecurity, Data or a related field.
- One or more of the following certifications: (ISC)2 Certified Information Security Professional (CISSP), CompTIA Security + (Sec+), CAP, CISA, CISM, SSCP, Network + (N+), Certified Ethical Hacker (CEH), PMP, CSM, PMI-ACP.
- 10+ years of relevant experience, including at least 5 years of development or scripting experience and 2 years of cybersecurity operations experience (excluding policy).
- SOAR development experience.
- Strong understanding of cybersecurity functions and processes.
- Strong understanding of RMF functions and processes.
- Experience utilizing code repositories such as GitHub.
- Experience developing custom scripts and content to support automation.
- Experience working with Microsoft Visio.
- Strong interpersonal skills to coordinate with and interview cyber practitioners.
- Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
- Applicants must currently be a U.S. citizen and eligible to obtain and maintain a security clearance, in compliance with federal contract requirements.
Beneficial to have:
- Experience integrating eGRC technologies with external systems.
- Experience with RegScale.
- Experience with Tines SOAR.
- Experience with Splunk Phantom SOAR.
- Experience with Robotic Process Automation (RPA).
- Top Secret/Q clearance.
Where it's done: