Senior GRC Engineer (Cybersecurity)
Job description
TL;DR
Senior GRC Engineer (Cybersecurity): building the technical foundation of a modern GRC program with policy as code, continuous control testing, automated evidence generation, and TPRM, with an emphasis on governance for agentic AI systems. The focus is on defining policies for autonomous agents, automating GRC workflows with AI, adapting controls for emerging frameworks, and driving SOC 2, ISO 27001 and SOX compliance.
Location: Remote within the US
Salary: $115,500–$213,000 (US-based)
Company
Remote-first company with 500+ employees serving 95.8M monthly active users across 180 countries via a mobile app for location sharing, safe driver reports, crash detection, Tile trackers, and Pet GPS.
What you will do
- Own the governance framework for agentic AI systems, defining policies, controls, and compliance ahead of regulations.
- Automate GRC processes such as evidence collection, control narratives and vendor triage, using AI and custom integrations.
- Build a policy-as-code program in Git with automated checks satisfying SOC 2, ISO 27001 and NIST CSF.
- Drive SOC 2 Type 2, ISO 27001 and SOX ITGC end to end as management owner, coordinating auditors and closing gaps.
- Develop an operational risk function with quantitative scoring, the FAIR methodology, and integrated data sources.
- Mature TPRM with tiered reviews and automated workflows; act as primary auditor contact; build cross-functional partnerships.
Requirements
- 5+ years in GRC, security engineering, or a hybrid role owning policy, controls, and technical implementation
- Building with AI tools (LLMs, agents) for analysis, drafting and automation; judgment on AI leverage vs. risk
- Coding ability (Python or equivalent) to build APIs, integrations and pipelines
- Evidencing controls via cloud APIs (identity, logs, configuration); experience with modern GRC platforms
- Deep, control-level knowledge of SOC 2, ISO 27001, NIST AI RMF and SOX ITGC
- TPRM program experience; quantitative risk (FAIR); clear writing; Bachelor's degree or equivalent
Nice to have
- Achieving SOC 2 Type 2 or ISO 27001 certification from scratch
- Privacy (GDPR, CCPA); hands-on security implementation experience
- AI governance frameworks (ISO 42001, model risk)
Culture & Benefits
- Competitive pay, equity, 100% paid medical/dental/vision/life/disability insurance
- 401(k) with matching; Mental Wellness & EAP; Flexible PTO + 13 company holidays
- Winter/Summer weeklong shutdowns; Learning & Development; equipment reimbursement
- Free Platinum & Tile products; values: good person, direct respect, members first, high impact