Skip to content
PostmanPostmanSan Francisco, CA

Senior GRC Engineer

Senior GRC Engineer responsible for designing, building, and operating automation, integrations, and AI-assisted workflows across governance, risk, and compliance. Leads compliance initiatives including SOC 2, ISO 27001, HIPAA, and FedRAMP while partnering with cross-functional teams to improve security assurance and audit readiness.

180k – 200k
On-site6+ YOESecurity Engineering

About the role

What You'll Do

  • Design, build, and operate GRC automation across evidence collection, control testing, risk tracking, and compliance reporting.
  • Build integrations between GRC workflows and internal systems using code, workflow automation, low-code platforms, or AI-assisted tooling.
  • Lead SOC 2, ISO 27001, HIPAA, and FedRAMP initiatives, owning at least one certification end-to-end.
  • Drive continuous controls monitoring and automated evidence collection.
  • Lead technical risk assessments and control implementation with cross-functional stakeholders.
  • Improve audit readiness through automation and process optimization.
  • Mentor teammates and influence GRC strategy.

About You

  • 6+ years of cybersecurity GRC experience in high-growth technology environments.
  • Experience implementing and maturing GRC programs with pragmatic, engineered solutions.
  • Knowledge of SOC 2, ISO 27001, HIPAA, GDPR, CCPA, and/or FedRAMP.
  • Proficiency in Python, JavaScript, or similar for production-grade automation.
  • Experience integrating GRC tooling with ticketing, identity, asset management, and cloud platforms.
  • Experience with AI-assisted workflows or LLM-powered tooling.
  • Strong communication skills translating risk into engineering requirements.
  • Bachelor's degree or equivalent experience.

Skills

GRCSOC 2ISO 27001HIPAAFedRAMPPythonJavaScriptAi-Assisted WorkflowsLlm-Powered ToolingContinuous Controls MonitoringRisk AssessmentsGrc Automation
Monarch

Senior Application Security Engineer

MonarchUnited States

Senior Application Security Engineer embedded with product and engineering teams at Monarch, a personal finance platform. Conduct AppSec reviews, SAST/DAST, vulnerability management, and AI security for LLM features on Django/Python stack. Requires 5+ years in security engineering with Python and web security expertise.

180k – 215k
Remote5+ YOESecurity Engineering
Temporal

Senior Security Engineer, GRC

TemporalUnited States

Senior GRC engineer owning customer security questionnaires, compliance automation, risk assessments, and policy management across SOC 2, ISO 27001, and HIPAA. Requires 8+ years experience, scripting skills, and strong customer-facing communication.

180k – 225k
Remote8+ YOESecurity Engineering
Kaizen Labs

Senior Security Engineer

Kaizen LabsNew York, NY

Own end-to-end security architecture, compliance (FedRAMP, CMMC), and secure supply chain practices for a federal-focused government platform on AWS. Lead technical readiness and drive secure-by-default engineering in an early-stage environment.

180k – 220k
Hybrid5+ YOESecurity Engineering
Lumin Digital

Manager, Network Security

Lumin DigitalUnited States

Lead and build a new network security function at a fintech company, managing a team of engineers, setting technical direction for cloud-native network security architecture, and establishing automated, identity-aware security controls across cloud, SD-WAN, and ZTNA environments.

180k – 200k
Remote7+ YOESecurity Engineering
Valon

Senior Security Engineer, Identity & Access Management

ValonNew York, NY +1

Designs, implements, and operates enterprise IAM systems for workforce and customer-facing authentication in ValonOS, including IdP management, secure protocols, cloud IAM, and AI-assisted workflows. Requires 5+ years IAM experience, deep protocol expertise, and IdP hands-on skills.

180k – 230k
Remote5+ YOESecurity Engineering