Security Assurance Engineer

ABOUT GQG PARTNERS

GQG Partners is an investment boutique which is a wholly owned subsidiary of a majority employee-owned company listed on the Australian Securities Exchange (ASX: GQG). The firm manages global and emerging market equities for institutions, advisors, and individuals worldwide. The company is headquartered in Ft. Lauderdale FL, with offices in New York, Seattle, London, Sydney, and Abu Dhabi. GQG Partners manages more than US $163 billion in client assets as of December 31, 2025 and employs approximately 240 associates worldwide.

GQG is passionate about investing and strives for the highest levels of excellence in a competitive industry. It is our responsibility to help investors secure their financial future and we are honored that our clients entrust us with their financial capital. We endeavor to create a business that is closely aligned with our clients' financial interests. And we strive for success at all levels of our organization through a commitment to independent thinking, continual growth, cultural integrity, and a deep knowledge of the markets.

BENEFIT OFFERINGS

• Generous medical, dental, and vision plans
• Paid and voluntary supplemental life insurance
• Healthcare spending account, flexible spending accounts, and transit benefit options
• Paid sick and personal time off, Parental Leave, and paid disability benefits
• Employee Assistance Program (EAP)
• 401K matching with immediate vesting

ABOUT THE POSITION

Job Title: Security Assurance Engineer
Employment Type: Exempt - FT
Location: New York, NY; Fort Lauderdale, FL (Hybrid, 3 days/week in office)
Salary Range: USD 140,000.00 - 180,000.00 plus annual discretionary bonus

We are seeking a Security Assurance Engineer to support our security risk management program with a strong focus on third-party risk assessments and hands-on technical security support. This role is ideal for someone with a solid technical security foundation who is interested in applying that knowledge to risk analysis, vendor assessments, and security decision-making.

Reporting to the CISO, the role primarily supports client-facing security assurance activities and provides support for Information Security operations and engineering, while also acting as an escalation point for technical/end user support.

KEY RESPONSIBILITIES

Third-Party Security Risk

• Perform third-party and vendor security risk assessments, including security questionnaires, evidence review, and control validation.
• Review SOC 1 / SOC 2 reports, penetration test summaries, and security documentation.
• Identify technical control gaps and clearly document risk, impact, and recommended remediation.
• Support vendor onboarding, renewals, and exception processes.
• Collaborate with procurement, legal, and business teams to ensure security and privacy requirements are integrated into vendor contracts and the lifecycle process.

Client & Stakeholder Support

• Compose thorough and well-articulated responses for client-facing security questionnaires, RFPs, and due diligence requests.
• Translate technical security controls into clear, accurate responses for non-technical audiences.
• Collaborate with internal teams to ensure consistent security messaging.

Technical Security & Operations Support

• Provide escalated technical support for security operations when risk or architectural analysis is required.
• Assist in evaluating and tuning security controls across cloud, identity, endpoint, and email security platforms.
• Participate in incident response activities, including technical investigation, impact analysis, and lessons learned.

Cloud, Identity & Security Tooling

Work hands-on with and assess controls across (but not limited to):

• Microsoft Azure and Entra ID (Azure AD)
• Conditional Access, identity protection, and access governance
• Microsoft Intune and endpoint security controls
• Microsoft Defender (Endpoint, Cloud, and Cloud Apps)
• Microsoft Purview (data protection and information governance)
• Proofpoint (email security)
• Zscaler (secure web gateway / zero trust access)
• Brand monitoring and digital risk protection tools

Risk & Documentation

• Document risk assessments, findings, and remediation tracking.
• Contribute to security standards, procedures, and control documentation.
• Support continuous improvement of third-party risk and cloud security practices.

QUALIFICATIONS

• Bachelor's degree.
• 2+ years of experience working with Microsoft security platforms (Azure, Entra ID, Defender, Intune, Purview), or 5+ years with comparable tools.
• Experience with third-party risk assessments and security questionnaires.
• Clear written and verbal communication skills with technical and non-technical audiences.
• Strong technical understanding of identity, cloud, and endpoint security concepts.
• Ability to analyze technical configurations and translate them into risk-based findings.
• Ability to work in a fast-paced environment both independently and collaboratively.
• Strong organizational skills with the ability to manage multiple tasks and meet deadlines.

PREFERRED QUALIFICATIONS

• Experience supporting or participating in incident response.
• Exposure to frameworks such as NIST CSF, ISO 27001, or SOC 2.
• Experience in a regulated or client-facing environment.
• Relevant certifications (CISSP, CCSP, AZ-500, SC-200, SC-300, or similar).

The base salary offered will be determined by variousfactors such as geographic location, relevant experience, education, andqualifications.
GQG Partners LLC is an Equal Opportunity Employer and will not engage in unlawful discrimination on any basis prohibited by local, state or federal law. This policy applies to all aspects of employment, including recruitment, placement, promotion, transfer, demotion, compensation, benefits, social and recreational activities and termination.
For moreinformation about equal employment opportunity, please click here for "EEO is the Law." GQG Partners LLC may participate in E-Verify,please view the following links for details in English and Spanish. Forinformation regarding your Right to Work, click here for details in English and Spanish.

Please refer to our Applicant Privacy Notice for important privacy disclosures.