Security Engineer – GRC

<p>As an <strong>AI native GRC Engineer</strong>, you will be a key business enabler, ensuring the organization operates <strong>effectively, fast, and securely</strong>. You will design and maintain cybersecurity tools while leading SaaS security and supply chain initiatives including SSPM, vendor assessments (TPRM), and NHI monitoring. By mitigating risks in software dependencies and collaborating across IT and Business teams, you will bridge the gap between robust security and <strong>operational velocity</strong>, driving actionable plans for growth.</p><p>In your day-to-day, you will:</p><ul><li><p>Deploy and configure security tools, AI tools, processes, and flows to drive efficiency across GRC processes.</p></li><li><p>Build integrations using API’s and webhooks to streamline GRC workflows&#xa0;&#xa0;</p></li><li><p>Monitor real-time activity across sensitive business applications, identifying misconfigurations, incorrect permissions, and policy violations.</p></li><li><p>Collaborate with IT teams and business stakeholders to address security weaknesses and ensure alignment with security standards and company policies&#xa0;&#xa0;</p></li><li><p>Define automation processes to streamline detection and remediation of security gaps in sensitive applications and third-party integrations .</p></li><li><p>Identify risks related to third-party integrations, automating their discovery and mitigation to minimize exposure across the SaaS environment&#xa0;&#xa0;</p></li></ul><p>**</p><p><strong>At Wix, we believe our best work happens together. Our work model is fully in person, with 5 days a week from our office. Flexibility remains a core value at Wix and special requests are handled thoughtfully at the team level.</strong></p> <ul><li><p>3-5 years of experience in security engineering.</p></li><li><p>Hands-on experience in configuring cybersecurity tools.</p></li><li><p>Strong foundation in core security concepts (e.g., authentication, network security, data protection, identity &amp; access management, Saas security and cloud security)&#xa0;&#xa0;</p></li><li><p>Experience designing security controls for SaaS and hybrid environments&#xa0;&#xa0;</p></li><li><p>Fluent in English and Hebrew, with excellent verbal and written communication skills&#xa0;&#xa0;</p></li><li><p>Highly motivated self-learner who keeps up to date with the latest security tools, technologies, and best practices&#xa0;&#xa0;</p></li><li><p>Comfortable working independently while maintaining a high level of communication and alignment with global, cross-functional teams&#xa0;&#xa0;</p></li></ul><p><strong>Nice-to-have:&#xa0;&#xa0;</strong></p><ul><li><p>Knowledge of compliance frameworks such as SOC 2, HIPAA, GDPR – an advantage&#xa0;&#xa0;</p></li><li><p>Degree in Computer Science, Cybersecurity, or a related field – an advantage&#xa0;&#xa0;</p></li><li><p>Exposure to security incident response and triage processes – an advantage&#xa0;&#xa0;</p></li><li><p>Familiarity with GRC platforms (e.g., OneTrust, Anecdotes, Drata, Vanta) – an advantage.</p></li></ul> <p>We are Wix's Security Guild. We're a group of highly motivated Security Engineers that form part of the Wix R&amp;D group. We allow Wix Developers and users to achieve their goals without risk, often meaning we find or create unique solutions. Our work is exceptionally challenging due to Wix's scale, agility, and advanced technical diversity. When it comes to technology, we have the ultimate playground, and although we work together closely, there's always space for independence, innovation, and creativity.</p>