Job Details

Job Title: GRC Automation Engineer
Location: Hybrid in San Francisco/NYC or Remote
Salary: $140,000-$215,000
Skills: Compliance Automation, Scripting & API Development, Security Frameworks (SOC 2, ISO 27001, PCI DSS), Cloud Platforms (AWS), Data Governance


About the Company / The Opportunity

:Join a forward-thinking leader in the software industry as a GRC Automation Engineer on a mission to enhance global compliance and enterprise risk management. This role offers the opportunity to shape the next evolution of a robust GRC program, embedding security and data governance principles into the heart of the business. You'll collaborate across teams to drive automation, uphold the highest standards of compliance and ethics, and leverage advanced technologies to improve organizational security posture in a growing SaaS environment

.
*If you are located within commuting distance of our San Francisco or New York City office this is a hybrid position (M/W/F in office). Otherwise this is a remote role anywhere in the United States with occasional travel to our H

Q.
Responsibiliti

• es:
  Design and automate control testing and evidence collection to reduce manual effort and improve accuracy for compliance initiati
• ves.Develop and maintain scripts and APIs across cloud infrastructure, endpoints, and SaaS platforms (e.g., AWS, GitHub, Okta) to interface with compliance to
• ols.Support recurring internal and external audits (SOC 2, ISO 27001, PCI DSS) by ensuring reliable control monitoring and remediat
• ion.Champion security, compliance, and data governance strategies, including data deletion, retention, and storage proces
• ses.Leverage AI/ML tools to enhance efficiency and drive improvements in GRC processes and overall compliance post
• ure.Define technical control requirements and collaborate with engineering teams to embed compliance checks into CI/CD and infrastructure deployment pipeli

nes.


Must-Have

• Skills:
  Experience in scripting or automation focused on security, infrastructure,
• or GRC.Proficiency in building API endpoints and command-line tools; experience working with structured data formats (JSON, CSV
• , YAML).Solid understanding of audit processes, evidence requirements, and remediation for security and compliance frameworks (SOC 2, ISO 27001, P
• CI DSS).Ability to automate audit and evidence gathering procedures within cloud and SaaS envir
• onments.Strong collaboration skills, able to work effectively with technical and non-technical teams to drive GRC init

iatives.
Nice-to-Hav

• e Skills:
  Familiarity with software development and compliance platforms (e.g., Drata, Satori
• , GitHub).Experience with AI/ML systems, open-source development, and frontend cloud tec
• hnologies.Knowledge of federal security frameworks such as FedRAMP or NIST (800-53, 800-
• 171, RMF).Security certifications (e.g., CIS
• A, CISSP).Exposure to large-scale SaaS, cloud, or infrastructure environments with glo