Senior Security Engineer, GRC

Job Summary

As the primary owner of the customer-facing compliance program, the full-time remote Senior Security Engineer, GRC will manage the lifecycle of security questionnaires, due diligence requests, and compliance reviews while collaborating with Sales, Legal, and Product teams to ensure confidence in the organization's security posture.

Key responsibilities

• Own and prioritize the completion of customer security questionnaires and due diligence requests with a focus on accuracy and turnaround time
• Serve as the primary representative for security and compliance, leading discussions with enterprise customers and their security teams
• Build and maintain automation for compliance validation across key frameworks, coordinating evidence collection and managing auditor relationships

Required qualifications

• 8+ years of experience in GRC, information security compliance, or a closely related field
• Hands-on experience with at least two major compliance frameworks (SOC2, ISO 27001, HIPAA, etc.) and involvement in audits
• Proven track record managing high volumes of security questionnaires and enterprise due diligence requests
• Scripting and automation fluency (Python, Bash, or similar) with experience in building tools
• Bachelor's degree in Information Security, Computer Science, Business, or a related field (or equivalent experience)