Security Engineer – GRC

Company Description

Wix makes it possible for anyone to succeed online. Since 2006, we’ve grown to around 5,300 employees in 22 countries, launched over 40 products, and serve over 299 million users and their visitors worldwide. At Wix, we push you to innovate, evolve in non-traditional ways, and collaborate. We operate in small teams that work closely together at a high level.  

Although we’re already industry leaders in web creation and business, our work is nowhere near done. Our goal is to become the main engine of the Internet so we can create a more open web for all.  

We're proud to be an equal opportunity employer. Wix was built around the idea that everyone has the right to be successful, online. This same vision defines us as an employer: creating a work environment where everyone is welcome, and anyone has the right to succeed.

As an AI native GRC Engineer, you will be a key business enabler, ensuring the organization operates effectively, fast, and securely. You will design and maintain cybersecurity tools while leading SaaS security and supply chain initiatives including SSPM, vendor assessments (TPRM), and NHI monitoring. By mitigating risks in software dependencies and collaborating across IT and Business teams, you will bridge the gap between robust security and operational velocity, driving actionable plans for growth.

In your day-to-day, you will:

• Deploy and configure security tools, AI tools, processes, and flows to drive efficiency across GRC processes.

• Build integrations using API’s and webhooks to streamline GRC workflows  

• Monitor real-time activity across sensitive business applications, identifying misconfigurations, incorrect permissions, and policy violations.

• Collaborate with IT teams and business stakeholders to address security weaknesses and ensure alignment with security standards and company policies  

• Define automation processes to streamline detection and remediation of security gaps in sensitive applications and third-party integrations .

• Identify risks related to third-party integrations, automating their discovery and mitigation to minimize exposure across the SaaS environment  

**

At Wix, we believe our best work happens together. Our work model is fully in person, with 5 days a week from our office. Flexibility remains a core value at Wix and special requests are handled thoughtfully at the team level.

• 3-5 years of experience in security engineering.

• Hands-on experience in configuring cybersecurity tools.

• Strong foundation in core security concepts (e.g., authentication, network security, data protection, identity & access management, Saas security and cloud security)  

• Experience designing security controls for SaaS and hybrid environments  

• Fluent in English and Hebrew, with excellent verbal and written communication skills  

• Highly motivated self-learner who keeps up to date with the latest security tools, technologies, and best practices  

• Comfortable working independently while maintaining a high level of communication and alignment with global, cross-functional teams  

Nice-to-have:  

• Knowledge of compliance frameworks such as SOC 2, HIPAA, GDPR – an advantage  

• Degree in Computer Science, Cybersecurity, or a related field – an advantage  

• Exposure to security incident response and triage processes – an advantage  

• Familiarity with GRC platforms (e.g., OneTrust, Anecdotes, Drata, Vanta) – an advantage.

We are Wix's Security Guild. We're a group of highly motivated Security Engineers that form part of the Wix R&D group. We allow Wix Developers and users to achieve their goals without risk, often meaning we find or create unique solutions. Our work is exceptionally challenging due to Wix's scale, agility, and advanced technical diversity. When it comes to technology, we have the ultimate playground, and although we work together closely, there's always space for independence, innovation, and creativity.