GRC Tooling And Automation Engineer

TEKsystemsRemote, OR
$50 - $70Remote

About The Position

This role focuses on developing and implementing automated audit scripts, data analytics routines, and GRC toolset administration to enhance internal control testing and compliance reporting. The engineer will leverage AI-native tooling and cloud security platforms like Wiz and Azure to assess security posture, identify vulnerabilities, and ensure compliance with various frameworks. Collaboration with cross-functional teams and clear communication of findings to stakeholders are key aspects of this position.

Requirements

  • 3+ years of experience in IT audit, internal audit, or a related risk and compliance function.
  • Demonstrated experience applying CAAT (Computer Assisted Auditing Tools) techniques, data analytics, or audit automation in support of internal or external audit activities.
  • Working knowledge of at least one data analytics or scripting tool (e.g., SQL, Python, ACL/Galvanize, IDEA, or Power BI).
  • Familiarity with cloud computing concepts and cloud-based infrastructure, particularly Microsoft Azure.
  • Experience working within a GRC platform to manage audit workflows, control documentation, and issue tracking.
  • Understanding of internal control frameworks such as COSO, COBIT, ITGC, or NIST and application controls testing methodologies.
  • Proficiency with GitHub for version control and collaboration, including branching, pull requests, and code review workflows in a team environment.
  • Strong analytical, problem-solving, and written and verbal communication skills.
  • Ability to manage multiple priorities and deliver quality work within established deadlines.
  • Strong cross-team collaborator who can communicate clearly with both technical and non-technical audiences, proactively surface dependencies and blockers, and build the relationships needed to move complex, multi-stakeholder work forward independently.

Nice To Haves

  • Bachelor's degree in Information Systems, Accounting, Computer Science, Finance, or a related field.
  • Tool specific data analytic or scripting tool: Wiz Query Language (WQL) and Kusto Query Language (KQL).
  • Proficiency in Microsoft Azure, including familiarity with Azure Active Directory, Azure Policy, Microsoft Defender for Cloud, and Azure Monitor/Log Analytics.
  • Hands-on experience with Wiz for cloud security posture management (CSPM), including interpreting findings, building queries, and mapping results to compliance frameworks.
  • REST API Proficiency: Understanding of API authentication (OAuth, API keys), pagination, and JSON parsing to reliably extract data from all three platforms.
  • One or more relevant certifications such as CISA, CIA, CISSP, CEH, Microsoft Azure Fundamentals (AZ-900), or equivalent.
  • Demonstrated application of AI workflows enabling evidence and testing workflows.
  • Prior experience administering or optimizing a GRC Toolset, including workflow configuration, reporting, and integration with other platforms.

Responsibilities

  • Develop and execute automated audit scripts and data analytics routines to test large datasets, identify anomalies, and evaluate the design and operating effectiveness of internal controls.
  • Continuously improve CAAT methodologies to increase audit coverage, reduce manual testing, and enhance the overall quality and efficiency of the audit process.
  • Utilize AI native tooling to build continuous testing and validation, such as deployment of AI agents to collect and validate evidence.
  • Maintain and optimize the GRC Toolset to support audit planning, risk assessments, control documentation, issue tracking, and regulatory compliance reporting.
  • Collaborate with audit and compliance teams to ensure findings, remediation actions, and evidence are accurately captured and up to date within the GRC Toolset.
  • Leverage Wiz to perform ongoing assessments of cloud security posture, misconfigurations, vulnerabilities, and compliance policy violations across cloud environments.
  • Translate Wiz findings into audit evidence, working with control owners to track and validate remediation activities through closure.
  • Conduct audit procedures over Azure infrastructure, including identity and access management, network security controls, resource configurations, and activity/diagnostic logs.
  • Assess Azure environments for compliance with internal policies, CIS benchmarks, and applicable regulatory frameworks, documenting results in the GRC Toolset.
  • Partner with GRC, IT, security, and business teams to communicate audit findings, explain CAAT-driven results, and provide practical remediation recommendations.
  • Prepare clear, concise reports and dashboards that summarize audit outcomes, control deficiencies, and risk exposure for management and key stakeholders.

Benefits

  • Medical, dental & vision
  • Critical Illness, Accident, and Hospital
  • 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available
  • Life Insurance (Voluntary Life & AD&D for the employee and dependents)
  • Short and long-term disability
  • Health Spending Account (HSA)
  • Transportation benefits
  • Employee Assistance Program
  • Time Off/Leave (PTO, Vacation or Sick Leave)
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service