GRC Engineer

Genesys empowers organizations of all sizes to improve loyalty and business outcomes by creating the best experiences for their customers and employees. Through Genesys Cloud, the AI-powered Experience Orchestration platform, organizations can accelerate growth by delivering empathetic, personalized experiences at scale to drive customer loyalty, workforce engagement, efficiency and operational improvements.

We employ more than 6,000 people across the globe who embrace empathy and cultivate collaboration to succeed. And, while we offer great benefits and perks like larger tech companies, our employees have the independence to make a larger impact on the company and take ownership of their work. Join the team and create the future of customer experience together.

GRC Engineer

India (Flexible)

Role Overview:
Drive the integrity and scalability of the Genesys Cloud GRC program by securing a modern, microservices-based SaaS platform operating at global scale. This role protects customer, employee, and enterprise data by embedding security and compliance into cloud architecture, engineering workflows, and audit processes. At Genesys, we are redefining customer experience through AI, cloud, and empathy-driven innovation, and this role directly influences how securely that experience is delivered worldwide. You will partner across engineering, product, and audit teams to shape secure design decisions, strengthen control frameworks, and enable continuous compliance in a fast-evolving environment. This position offers visibility into enterprise-scale systems, exposure to advanced cloud security practices, and the opportunity to influence platform-level security strategy.

Key Responsibilities:

• Lead technical security assessments across applications, cloud services, and third-party integrations to strengthen risk posture and ensure continuous compliance
• Validate and enhance security controls across AWS environments to improve resilience, data protection, and audit readiness
• Drive architecture reviews to identify security gaps, misconfigurations, and design risks, influencing secure system design at scale
• Partner with engineering teams to implement secure SDLC practices, including zero trust and least privilege principles
• Deliver audit readiness by leading technical walkthroughs, presenting evidence, and demonstrating control effectiveness to external auditors
• Translate regulatory and framework requirements into scalable technical controls that align with ISO 27001, SOC 2, PCI DSS, and internal standards
• Own GRC program activities including risk assessments, gap analysis, remediation tracking, and evidence management across business units
• Enable continuous improvement by advancing risk assessment methodologies, automation, and security tooling across the organization
• Provide expert guidance on threat modeling, vendor risk assessments, and third-party security evaluations to reduce enterprise risk exposure.

Required Qualifications:

• 2+ years of experience in GRC, security engineering, architecture review, or related technical security roles
• Strong understanding of AWS cloud security controls and SaaS security principles
• Experience supporting audits and demonstrating control effectiveness in regulated environments
• Working knowledge of frameworks such as ISO 27001, ISO 27017, ISO 27018, SOC 2, and PCI DSS
• Ability to conduct technical risk assessments and translate findings into actionable recommendations
• Understanding of CI/CD pipelines, IAM, network security, and logging systems
• Strong communication skills with the ability to convey technical risks to business stakeholders
• Experience using version control systems such as Git.

Preferred Qualifications:

• Experience with global compliance frameworks such as K-FSI, ISMAP, IRAP Protected, UK Cyber Essentials Plus, DORA, ENS, or HDS
• Hands-on experience reviewing architecture diagrams, data flows, and engineering design patterns
• Exposure to additional cloud platforms such as AWS, GCP or Azure
• Experience conducting cloud architecture security reviews
• Programming or scripting experience in Python or PowerShell
• Familiarity with AI or ML architecture governance and security considerations
• Experience with API integrations and orchestration
• Knowledge of threat modeling methodologies and security-as-code practices
• Industry certifications such as CISM, CRISC, CISSP, CCSP, or AWS Security Specialty
• Experience working in high-scale SaaS or regulated environments
• Demonstrated leadership in GRC initiatives or cross-functional security programs

If a Genesys employee referred you, please use the link they sent you to apply.

About Genesys:

Genesys® empowers more than 8,000 organizations worldwide to create the best customer and employee experiences. With agentic AI at its core, Genesys Cloud™ is the AI-Powered Experience Orchestration platform that connects people, systems, data and AI across the enterprise. As a result, organizations can drive customer loyalty, growth and retention while increasing operational efficiency and teamwork across human and AI workforces. To learn more, visit www.genesys.com.

Reasonable Accommodations:

If you require a reasonable accommodation to complete any part of the application process, or are limited in your ability to access or use this online application and need an alternative method for applying, you or someone you know may contact us at reasonable.accommodations@genesys.com.

You can expect a response within 24–48 hours. To help us provide the best support, click the email link above to open a pre-filled message and complete the requested information before sending. If you have any questions, please include them in your email.

This email is intended to support job seekers requesting accommodations. Messages unrelated to accommodation—such as application follow-ups or resume submissions—may not receive a response.

Genesys is an equal opportunity employer committed to fairness in the workplace. We evaluate qualified applicants without regard to race, color, age, religion, sex, sexual orientation, gender identity or expression, marital status, domestic partner status, national origin, genetics, disability, military and veteran status, and other protected characteristics.

Please note that recruiters will never ask for sensitive personal or financial information during the application phase.