Senior GRC Engineer responsible for designing, building, and operating automation, integrations, and AI-assisted workflows across governance, risk, and compliance. Leads compliance initiatives including SOC 2, ISO 27001, HIPAA, and FedRAMP while partnering with cross-functional teams to improve security assurance and audit readiness.
180k – 200k
On-site6+ YOESecurity Engineering
About the role
What You'll Do
Design, build, and operate GRC automation across evidence collection, control testing, risk tracking, and compliance reporting.
Build integrations between GRC workflows and internal systems using code, workflow automation, low-code platforms, or AI-assisted tooling.
Lead SOC 2, ISO 27001, HIPAA, and FedRAMP initiatives, owning at least one certification end-to-end.
Drive continuous controls monitoring and automated evidence collection.
Lead technical risk assessments and control implementation with cross-functional stakeholders.
Improve audit readiness through automation and process optimization.
Mentor teammates and influence GRC strategy.
About You
6+ years of cybersecurity GRC experience in high-growth technology environments.
Experience implementing and maturing GRC programs with pragmatic, engineered solutions.
Knowledge of SOC 2, ISO 27001, HIPAA, GDPR, CCPA, and/or FedRAMP.
Proficiency in Python, JavaScript, or similar for production-grade automation.
Experience integrating GRC tooling with ticketing, identity, asset management, and cloud platforms.
Experience with AI-assisted workflows or LLM-powered tooling.
Strong communication skills translating risk into engineering requirements.
Senior Application Security Engineer embedded with product and engineering teams at Monarch, a personal finance platform. Conduct AppSec reviews, SAST/DAST, vulnerability management, and AI security for LLM features on Django/Python stack. Requires 5+ years in security engineering with Python and web security expertise.
180k – 215k
Remote5+ YOESecurity Engineering
Senior Security Engineer, GRC
TemporalUnited States
Senior GRC engineer owning customer security questionnaires, compliance automation, risk assessments, and policy management across SOC 2, ISO 27001, and HIPAA. Requires 8+ years experience, scripting skills, and strong customer-facing communication.
180k – 225k
Remote8+ YOESecurity Engineering
Senior Security Engineer
Kaizen LabsNew York, NY
Own end-to-end security architecture, compliance (FedRAMP, CMMC), and secure supply chain practices for a federal-focused government platform on AWS. Lead technical readiness and drive secure-by-default engineering in an early-stage environment.
180k – 220k
Hybrid5+ YOESecurity Engineering
Manager, Network Security
Lumin DigitalUnited States
Lead and build a new network security function at a fintech company, managing a team of engineers, setting technical direction for cloud-native network security architecture, and establishing automated, identity-aware security controls across cloud, SD-WAN, and ZTNA environments.
Designs, implements, and operates enterprise IAM systems for workforce and customer-facing authentication in ValonOS, including IdP management, secure protocols, cloud IAM, and AI-assisted workflows. Requires 5+ years IAM experience, deep protocol expertise, and IdP hands-on skills.