Expert Engineer, Governance, Risk, & Compliance

About The Position

Requirements

• Technical GRC engineering capabilities.
• Deep knowledge of leading practice GRC and compliance frameworks such as NIST 800-53 and CSF, CIS Controls, Cloud Security Alliance (CSA) CCM, etc.
• Ability to translate controls into technical system configurations and implement security controls within cloud and on-prem environments.
• Direct experience in performing technical assessments of cloud environments and application security, within the context of risk management and compliance.
• Understanding of technical GRC architectures, log flows, APis, and pipelines.
• Strong knowledge of cloud platforms (AWS, Azure, GCP) and their security services.
• Proficiency in scripting languages (Python, PowerShell, Bash) for automation and experience with building and maintaining integrations between GRC platforms and downstream/upstream systems to facilitate risk management workflows.
• Strong familiarity with GRC tools (e.g., ServiceNow GRC, Archer, AuditBoard, etc.).
• Experience with building dashboards and alerts for compliance monitoring.
• Knowledge of GRC AI-agent development and governance.
• Awareness of new upcoming cybersecurity compliance regulations and related requirements.
• Relevant GRC and compliance certifications including Certified Information Systems Auditor/ Manager (CISA/CISM), CRISC, Cloud security certifications (AWS, Azure, GCP).
• Bachelor's degree or equivalent work experience.
• 10+ years of direct experience in information security governance, risk management, compliance and/or security engineering.
• Excellent oral/written communication, problem solving and analytical skills.
• Ability to work independently and as part of a team to achieve desired objectives and project results.
• Ability to interface effectively and decisively with all levels of management, departments, business units across global time zones and outside vendors.
• Ability to consistently provide proactive communications and status to management and project teams.
• A desire to participate in creating the workplace you want to be a part of.

Responsibilities

• Play a critical role in the technical development, implementation, and maintenance of the GRC platform.
• Drive integration strategies between GRC platforms and enterprise systems to enable automated data sharing and reporting.
• Provide expert guidance and leadership on GRC technical matters to senior leadership and business stakeholders.
• Establish standardized workflows for risk assessments, exception handling, and remediation tracking to ensure consistency and accountability.
• Develop and implement compliance monitoring and reporting mechanisms in the GRC platform
• Perform technical risk assessments as part of security exceptions to identify gaps and engage with the business to understand control environments and mitigation strategies.
• Oversee issue management processes for audit findings, risk mitigation, and compliance gaps, ensuring timely resolution.
• Provide expert guidance on GRC architectures and AI -agent development.
• Participate in the administration of GRC tools and AI -agents.

Benefits

• Medical, dental, vision, health savings account or health reimbursement account, healthcare spending accounts, dependent care spending accounts, life and AD&D insurance, disability insurance;
• 401(k) with Company match, tuition reimbursement, charitable donation matching;
• Paid holidays and vacation, paid sick time, floating holidays, compassion and bereavement leaves, parental leave;
• Mental health & wellbeing programs, fitness programs, free and discounted games, and a variety of other voluntary benefit programs like supplemental life & disability, legal service, ID protection, rental insurance, and others;
• If the Company requires that you move geographic locations for the job, then you may also be eligible for relocation assistance.