ButterflyMX is seeking a GRC Engineer who is equal parts practitioner and builder. You will own the governance, risk, and compliance program. But more importantly, you will re-engineer how that program operates: replacing manual, point-in-time processes with AI-assisted, automated, and agentic workflows wherever possible. From continuous controls monitoring to automated vendor risk intake to AI-accelerated policy drafting, you will design a GRC function built for scale. This is a generalist role that spans the full GRC surface: compliance operations, risk management, audit management, trust and assurance, vendor/supply chain risk, and operational privacy support. You will own the day-to-day operations of our compliance posture: managing audit readiness, maintaining our risk register, driving policy development, coordinating vendor risk assessments, and building sustainable processes through engineering automations. You are equally comfortable automating a controls evidence request (not just handing it to the control owner!); conducting a supply chain risk analysis (software, firmware, hardware); and building automations and workflows to reduce compliance and documentation burdens. It is an individual contributor position reporting directly to the CISO to build and sustain our governance, risk, and compliance program.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed