Senior Full-Stack Security/GRC Platform Engineer
US | Full-Time | Senior
Salary: $86,500–$129,900 annually, with eligibility for discretionary bonuses
Job Details
- Experience: 6+ years
- Required Skills: Docker, PostgreSQL, Python, TypeScript, FastAPI, React, CI/CD, Terraform
Requirements
- 6+ years of professional experience in Python backend development
- Strong expertise in FastAPI, Pydantic, SQLAlchemy, Alembic, async Python, and pytest
- Solid frontend experience with React, TypeScript, Vite, React Router, and React Query
- Strong PostgreSQL knowledge, including schema design, indexing, migrations, and JSON/JSONB handling
- Experience building and maintaining large-scale APIs and generated SDK/client ecosystems
- Familiarity with async worker systems and Redis-based queues
- Strong security engineering fundamentals, including authentication, authorization, RBAC, and secure coding practices
- Ability to troubleshoot complex distributed systems where documentation, code, and runtime may diverge
- Experience with DevOps tools such as Docker Compose, CI/CD pipelines, and infrastructure-as-code (e.g., Terraform)
- Understanding of GRC and security frameworks such as NIST 800-53, RMF, FedRAMP, FISMA, CMMC, ZTA, and related standards
- Experience with AI/LLM systems such as RAG, embeddings, prompt design, and structured context management preferred
Responsibilities
- Maintain and extend a large-scale full-stack GRC platform spanning FastAPI backend services, React/TypeScript frontend applications, and PostgreSQL data systems
- Design, implement, and optimize APIs, database schemas, migrations, and async worker workflows to ensure system reliability and performance
- Develop and enhance UI workflows supporting security, compliance, risk, and audit processes across complex enterprise environments
- Integrate and normalize security scanner outputs (SAST, IaC, cloud, vulnerability, identity, and more) into structured compliance workflows
- Maintain AI-assisted platform features using provider abstraction layers, including retrieval, context management, and evidence-based outputs
- Support GRC workflows such as risk management, control mapping, evidence collection, POA&Ms, SSPs, and audit reporting
- Ensure system quality through robust testing, linting, CI/CD validation, observability, and production monitoring practices
- Debug and resolve issues across the full stack, including API contracts, frontend state, database integrity, and deployment environments
- Collaborate on infrastructure reliability using Docker-based development environments and cloud-native operational tooling