TL;DR

Technical GRC Engineer (Governance Risk And Compliance): Build and maintain automated governance, risk, and compliance processes integrated with engineering teams, focusing on security frameworks and AI governance. Focus on designing Zero Trust architecture, automating compliance workflows, and managing security incidents in cloud environments.

Location: Based in Stockholm, Sweden or New York City, US with a 5-day in-office policy

Company

%hirify_global% builds AI-native legal tech solutions in collaboration with legal professionals, serving global firms across 40+ countries.

What you will do

Own and improve compliance frameworks like ISO 27001, ISO 42001, SOC 2 Type II with automation.
Embed with engineering teams to advise on Azure cloud infrastructure, CI/CD pipelines, and security risks.
Build automated GRC tooling using infrastructure-as-code, scripting, and GenAI tools.
Manage logging, SIEM systems, and security monitoring for audit and compliance evidence.
Serve as incident manager coordinating security incident response and remediation.
Conduct risk assessments, threat modeling, and coordinate audits and penetration tests.

Requirements

3+ years technical experience as software or DevOps engineer transitioning to GRC
Experience with Azure, infrastructure-as-code, CI/CD, and scripting (Python, Bash, PowerShell)
Knowledge of compliance frameworks FedRAMP, ISO 27001, SOC 2 Type II
Ability to configure logging and monitoring tools (Azure Monitor, Sentinel, Splunk, ELK)
Incident management skills and understanding of Zero Trust security principles
Strong communication skills bridging technical and non-technical teams

Nice to have

Experience securing AI/ML workflows and FedRAMP authorization processes
Familiarity with GenAI automation tools like Zapier or n8n

Culture & Benefits

Inclusive, diverse, and high-performance culture
Collaborative environment with emphasis on building together in person
Focus on innovation in legal tech and AI