Senior Security Engineer, GRC Automation

Senior Security Engineer, GRC Automation This role designs and implements automation, dashboards, and integrations that power Governance, Risk, and Compliance (GRC) operations. It is a remote opportunity within the US or Canada. What You’ll Do Lead the implementation and integration of the GRC platform, ensuring it is fully operational across key systems and workflows. Build out automated workflows for control testing, evidence collection, and audit readiness. Develop and maintain integrations between the GRC platform and systems of record (e.g., ticketing systems, IAM, asset inventories, configuration management). Design dashboards and reporting to track control health, trust signals, and audit performance. Collaborate with teams across Security, GRC, and Engineering to embed compliance into operational processes like employee onboarding, change management, and incident response. Shape the roadmap for automated, resilient internal assurance infrastructure that grows alongside the business. What We’re Looking For 5+ years of experience in security engineering, DevSecOps, solutions engineering, or GRC automation roles. Proven experience working with GRC, compliance, or audit teams to build automation that supports evidence collection, control testing, or security monitoring. Direct experience implementing and integrating GRC platforms (e.g., Drata, Vanta, Tines, JupiterOne) into production environments. Strong scripting and integration skills using Python, JavaScript, APIs, webhooks, or workflow automation tools. Ability to work cross-functionally with security, compliance, legal, and infrastructure teams to translate policies into scalable technical systems. Familiarity with compliance frameworks such as SOC 2, ISO 27001, or NIST 800-53, and how they map to real-world infrastructure and operations. Bonus Points If You Have Hands-on experience with event-driven automation platforms like Tines and their use in control validation and alerting. Expertise in building evidence pipelines, tagging telemetry, or creating GRC dashboards in tools like Looker or Metabase. Strong understanding of cloud-native security architecture and its relationship to compliance controls (e.g., AWS IAM, encryption, logging). Experience working in customer trust, privacy engineering, or supporting sales/GTM teams with compliance assurance content. What You Can Expect Lead the implementation and integration of our GRC platform, ensuring it is fully operationalized across key systems and workflows. Build out automated workflows for control testing, evidence collection, and audit readiness. Develop and maintain integrations between the GRC platform and systems of record (e.g., ticketing systems, IAM, asset inventories, configuration management). Design dashboards and reporting to track control health, trust signals, and audit performance. Collaborate with teams across Security, GRC, and Engineering to embed compliance into operational processes like employee onboarding, change management, and incident response. Shape the roadmap for automated, resilient internal assurance infrastructure that grows alongside the business. Compensation and Benefits USA-based roles only: The annual base salary for this role is between $156,000 USD and $210,000 USD, plus participation in benefits, paid time off, equity, and incentive programs. Canada-based roles only: The annual base salary for this role is between $143,000 CAD and $193,000 CAD, plus participation in benefits, paid time off, equity, and incentive programs. Our culture emphasizes collaboration, clear communication, and core values: keep it simple, lead with honesty, and put people first. We are open to remote work and encourage AI-aware practices as part of our approach to security and privacy. #J-18808-Ljbffr