Staff GRC Engineer

Job Summary

To enhance governance, risk, compliance, and data security capabilities, the full-time remote Staff GRC Engineer will lead the development of a control framework, automate compliance processes, and improve data security policies while collaborating with various teams to ensure effective operational execution.

Key responsibilities

• Design and maintain an auditable control framework tailored to the company's SaaS and cloud environment
• Implement continuous control monitoring and automation for compliance workflows and high-value controls
• Define and mature data security policies, ensuring they align with technical practices and operational needs

Required qualifications

• 8+ years of experience in security GRC, compliance, or risk management in a SaaS or cloud-native environment
• Strong knowledge of security compliance frameworks such as ISO-27001, NIST CSF, SOC 2, and PCI-DSS
• Experience automating compliance programs using scripting, APIs, or dashboards
• Familiarity with implementing engineering guardrails for compliance using Policy-as-Code or secure configurations
• Proven ability to collaborate with technical teams to design effective controls and workflows