GRC Engineer

Job Summary

A company is looking for a GRC Engineer to build and own its Governance, Risk, and Compliance program.

Key Responsibilities

• Own the compliance function, including frameworks, policies, controls, and audits
• Lead initiatives for next certifications, such as FedRAMP, and collaborate across the organization
• Partner with customers to support audits and enhance trust in the compliance program

Required Qualifications

• 5+ years in a GRC or compliance role with program ownership experience at a cloud-native company
• Hands-on experience implementing or auditing SOC 2 and another major framework (ISO 27001, PCI DSS, NIST 800-53)
• Proficiency in at least one programming or scripting language (Python, TypeScript, Go, etc.)
• Experience with GRC automation platforms (Vanta, Drata, etc.)
• Knowledge of privacy regulations (GDPR, CCPA, HIPAA) and PII classification is a bonus