Senior GRC Engineer

Job Summary

A company is looking for a Senior GRC Engineer to enhance compliance and risk management through automation and engineering excellence.

Key Responsibilities:

• Build automation and integrations between GRC frameworks and security/engineering tools
• Lead automation-driven control assessment, evidence collection, and reporting processes
• Design and implement compliance-as-code frameworks, integrating security controls into infrastructure as code (IaC) and CI/CD pipelines

Qualifications:

• 5+ years of experience in GRC, compliance, or security engineering roles with significant automation experience
• Experience developing scripts in various scripting languages (Python, Go, etc.) and peer reviewing code
• Knowledge of various regulations and controls (SOX, GDPR, ISO27001, NIST, etc.)
• Experience with GRC software tools and platforms (e.g., Drata, Vanta) for risk assessment and compliance monitoring
• Understanding of infrastructure as code (Python CDK, CloudFormation, Terraform, etc.) for embedding compliance controls