Sr. GRC Engineer
New York, NY or Remote | Full-Time | Senior
Salary not disclosed
Job Details
- Experience: 5+ years
- Required Skills: Python, Cloud Computing, JavaScript, Looker, HIPAA
Requirements
- 5+ years of combined experience across governance, risk, compliance, security engineering, or adjacent technical roles.
- Hands-on experience working with compliance frameworks such as SOC 2, HIPAA, HITRUST, NIST, and PCI.
- 3+ years of experience with ongoing compliance operations, with demonstrated progression from manual evidence collection to automated controls.
- 2+ years of hands-on experience implementing and administering continuous compliance and evidence automation platforms (e.g., Vanta, Drata, Secureframe).
- Working knowledge of cloud computing platforms (AWS, Azure, GCP).
- Expertise in using Looker (or a similar BI tool, e.g., Hex) to create dashboards and visualize GRC data.
- Ability to automate data ingestion, transformation, and reporting using scripting or programmatic approaches (e.g., Python, JavaScript, APIs, Tines).
- Strong analytical and root cause analysis skills.
Responsibilities
- Serve as both a risk practitioner and automation engineer.
- Own and maintain the compliance platform (Vanta), including control mapping, evidence collection, continuous monitoring, and audit workflows.
- Perform risk assessments, vendor security reviews, and control gap analyses, and track remediation through to completion.
- Manage control documentation, policies, procedures, and supporting artifacts across multiple compliance frameworks.
- Partner with Security, IT, Infrastructure, and Engineering teams to ensure technical and administrative controls align with documented policies and compliance requirements.
- Support internal and external audits (SOC 2, HIPAA, HITRUST).
- Own and maintain the cyber risk register, collaborating with risk owners to quantify risks and develop remediation plans.
- Develop and maintain risk reporting, metrics, and executive summaries with BI tools (Looker, Hex, etc.).