Senior GRC Security Engineer
Location: Remote
Compensation: To Be Discussed
Reviewed: Mon, Jun 29, 2026
This job expires in: 25 days
Job Summary
To support the company's growth, the full-time Senior GRC Security Engineer will manage compliance programs, risk management processes, and third-party security reviews while working remotely.
Key responsibilities
- Lead the execution of ISO 27001 and SOC 2 Type II compliance programs, ensuring controls and evidence collection are maintained
- Run risk management processes, including assessments and treatment plans, while collaborating with stakeholders to prioritize remediation actions
- Oversee third-party security reviews and internal controls, identifying gaps and ensuring remediation efforts are tracked effectively
Required qualifications
- At least 7+ years of experience in a cybersecurity product company or internet-scale SaaS environment
- Hands-on experience with ISO 27001 and familiarity with maintaining certification programs
- Ability to conduct structured risk assessments and facilitate discussions with both technical and non-technical stakeholders
- Fluency in French and English with clear communication skills, both written and verbal
- Technical fluency to assess tools and processes critically, engaging with engineering teams on remediation efforts
COMPLETE JOB DESCRIPTION
The job description is available to subscribers. Subscribe today to get the full benefits of a premium membership with Virtual Vocations. We offer the largest remote database online...