Governance, Risk, and Compliance (GRC) Engineer

Posted 21 days agoViewed

💎 Seniority level: Senior, 7+ years

📍 Location: United States

💸 Salary: 130900.0 - 223975.0 USD per year

🔍 Industry: Software Development

🗣️ Languages: English

⏳ Experience: 7+ years

🪄 Skills: AWSSQLCloud ComputingCybersecurityGCPGitAzureREST APICI/CDComplianceJSONRisk ManagementScriptingData management

7+ years of experience in IT audit, GRC, and/or information security
One or more of the following certifications CISA, PCIP, CIPP, or equivalent
Extensive knowledge of security compliance frameworks, including interpretation and implementation
Hands on experience using and managing GRC and security tools
Demonstrated problem solving abilities; as shown through outsized accomplishments for the role held
Understanding of compliance levers in cloud (AWS, GCP, Azure)
Ability to learn quickly and adapt techniques supporting a startup environment
Flexibility to pick up additional tasks where needed
Deep understanding of database technologies is a plus
Hands on experience coding (scripting, software development) is a plus

Work across the company to define and deliver compliance programs, including SOC 2, ISO 27001, PCI, HIPAA, GDPR, FedRAMP, etc.
Work with engineering to validate compliance-relevant changes, including performing product testing and help draft documentation
Perform compliance monitoring tasks, including employee security onboarding, performing vendor reviews, responding to customer surveys, and performing quarterly access reviews, ASV scans, and risk assessment refresh
Coordinate with Operations to support access governance through Okta and Lumos onboarding and configuration
Coordinate with Marketing and Privacy Legal to support the company’s privacy tooling
Coordinate with Security to maintain corporate security tooling and processes