Skip to content
VantaVantaUnited States

Senior AI GRC Engineer

As a Senior AI GRC Engineer, you will lead governance, risk, and compliance initiatives related to Vanta’s internal AI adoption and customer-facing AI products. You will partner with engineering teams to build and monitor scalable guardrails and champion sustainable AI usage.

178k – 209k
Remote5+ YOESecurity Engineering

About the role

What you’ll do as a Senior AI GRC Engineer at Vanta:

  • Drive Vanta’s internal AI governance programs (e.g., ISO 42001) while also evaluating new frameworks for Vanta to adopt
  • Lead our cross-functional Hardening Enterprise AI Team (GRC Engineering, Corporate Engineering, Product Engineering, Security Engineering) in researching, implementing, and continuously monitoring scalable & compliant AI guardrails that optimally balance risk mitigation, compliance, and productivity
  • Partner closely with the rest of GRC Engineering and other Vanta’ns to ensure AI governance, risk management, and compliance are baked into Vanta’s programs, projects, and SDLCs
  • Champion sustainable AI usage across Vanta by being an early adopter and expert user of our AI tools and guardrails, regularly sharing best practices and use cases to foster responsible AI adoption across the company
  • Scale & streamline our GRC programs by building agentic AI & deterministic automation
  • Evangelize AI & GRC Engineering best practices and solutions through thought leadership on Vanta’s blog, social media, and virtual/in-person events

How to be successful in this role:

  • Strong experience inside and outside of work using AI agents, tools, and platforms to automate workflows and build tools, especially Anthropic products, OpenAI products, LangChain products, and/or Cursor
  • Experience using code and web APIs to automate workflows and build tools, especially with TypeScript, Go, and/or Python
  • Expertise in modern cloud-native web application development practices and related security best practices, especially in the context of AWS, containerized workloads, serverless architectures, and frontier AI platforms
  • Expertise in AI governance, risk, and compliance frameworks, such as ISO 42001, AIUC-1, EU AI Act, NIST AI RMF, UK AI Safety Framework, etc.
  • Experience with compliance programs for SOC 2, ISO 27001/17/18, ISO 27701, GDPR, etc.
  • Experience putting GRC Engineering principles and values into practice, especially control monitoring automation, systems & design thinking, and threat-informed GRC
  • Open to using AI to amplify their skills and strengthen their work - demonstrating curiosity, a willingness to learn, and sound judgment in applying AI responsibly to improve efficiency and impact.

What you can expect as a Vanta’n:

  • Industry-competitive salary and equity
  • Comprehensive medical, dental, and vision coverage, with 100% of employee-only benefit premiums covered for most medical plans
  • 16 weeks paid Parental Leave for all new parents
  • Health & wellness stipend
  • Remote workspace, internet, and cellphone stipend
  • Commuter benefits for team members who report to the SF and NYC office
  • Family planning benefits
  • Matching 401(k) contribution with immediate vesting
  • Flexible PTO policy, plus 80 hours of Sick Time
  • 11 company-paid holidays
  • Virtual team building activities, lunch and learns, and other company-wide events!

Skills

AnthropicOpenAILangChainCursorTypeScriptGoPythonAWSIso 42001SOC 2GDPR
DuckDuckGo

Senior Privacy Engineer

DuckDuckGoUnited States

Lead privacy engineering projects protecting user data across search, browser, and AI features. Own major privacy components, participate in audits, and mentor engineers using Go, Node.js, Python, or Perl.

179k – 179k
Remote5+ YOESecurity Engineering
DuckDuckGo

Senior Web Security Engineer, Browser Platform

DuckDuckGoUnited States

Conducts browser security audits, implements SERP mitigations like XSS prevention, manages SAST/DAST infrastructure, and leads red-team operations. Requires 7+ years in web security, advanced JavaScript, WebView experience, and vulnerability exploitation skills.

179k – 179k
Remote7+ YOESecurity Engineering
Postman

Senior GRC Engineer

PostmanSan Francisco, CA

Senior GRC Engineer responsible for designing, building, and operating automation, integrations, and AI-assisted workflows across governance, risk, and compliance. Leads compliance initiatives including SOC 2, ISO 27001, HIPAA, and FedRAMP while partnering with cross-functional teams to improve security assurance and audit readiness.

180k – 200k
On-site6+ YOESecurity Engineering
Monarch

Senior Application Security Engineer

MonarchUnited States

Senior Application Security Engineer embedded with product and engineering teams at Monarch, a personal finance platform. Conduct AppSec reviews, SAST/DAST, vulnerability management, and AI security for LLM features on Django/Python stack. Requires 5+ years in security engineering with Python and web security expertise.

180k – 215k
Remote5+ YOESecurity Engineering
Snowflake

Senior Red Team Engineer

SnowflakeUnited States

Senior Red Team Engineer performing security assessments, vulnerability discovery, and tool development across Snowflake's cloud environments. Requires 4+ years in offensive security, cloud knowledge (AWS/GCP/Azure), and coding in languages like Python or Go; 6+ years and community contributions preferred.

176k – 253k
Remote7+ YOESecurity Engineering