Job Description
About the Role
We're seeking a GRC Engineer to join our security team and strengthen our governance, risk, and compliance programs. You'll work alongside technical security engineers to build and implement practical frameworks that protect customer data while enabling business operations across our marketing technology platform.
What You'll Do
- Own compliance programs including ISO 27001 and SOC 2, coordinating audits, managing evidence collection, and maintaining certifications
- Implement and manage a GRC automation platform (Drata, Vanta, or similar) to streamline compliance workflows and continuous monitoring
- Develop and refine security policies and procedures that meet regulatory requirements while remaining practical for engineering teams
- Assess risks across production, non-production, and QA environments, prioritizing security initiatives based on business impact and compliance obligations
- B...