CrawlJobs Logo
Iceberg Cyber Security Logo Iceberg Cyber Security · IT - Administration

GRC Engineer

United States · Job Posted April 12, 2026
Apply Position
Job Link Share

Job Description

GRC Engineer – AI-Powered Startup. My client is one of the fastest growing and most exciting AI technology start-ups in the world. They are rapidly emerging as a leader in its field, having secured its fourth round of VC funding. Despite being just a few years old, the company has already reached a multi-billion valuation, showing their trajectory! They are an engineering heavy organization with a very high bar. They only hire the best of the best. Candidates who are most successful in their organization previously had start-up/ scale up experience before joining. They are looking for a very technical GRC professional. They want someone who ideally comes from an engineering/technical background that has moved to GRC, loves to automate risk management processes but someone who can also drive PCI DSS, SOC2 and ISO27001 compliance and collaborate closely with/understand engineers. The right candidate must be willing and able to get their hands dirty from a technical point of view.

Job Responsibility

  • Automating compliance processes
  • Own risk & compliance strategy (SOC2, ISO27001, HIPAA)
  • Work hands-on with engineers
  • Read and understand code (ideally Python and other Automation tools) to streamline workflows
  • Engage with clients to ensure risk management best practices

Requirements

  • Extensive AI Automation/ AI Automation tool experience
  • Extensive GRC experience
  • Experience going toe to toe with Engineers
  • Ability to understand/Read code/use Python for Automations
  • Vendor Risk Management experience
  • Start-up/ Small team experience
  • Extensive PCI DSS Experience

Nice to have

  • ISO42001
  • EU AI ACT
  • NIST AI RMF
  • FedRAMP

What we offer

Very competitive compensation package including an equity package that is expected to 10X in the next few years

Iceberg Cyber Security - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

GRC Engineer

8 matching positions

GRC Engineer

Have you built and owned ISO 27001 compliance from scratch in a high-growth envi...
Location
Location
Australia
Salary
Salary:
Not provided
thisisiceberg.com Logo
Iceberg Cyber Security
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Built and led ISO 27001 compliance programs end-to-end from scratch
  • Ideally also implemented SOC 2 in parallel environments
  • Experience with APAC regulatory requirements including Australian Privacy Principles (APP) and Singapore Personal Data Protection Act (PDPA)
  • A mindset focused on engineering compliance into systems, not maintaining frameworks
  • Strong technical background (cloud, infrastructure, security engineering)
  • Ability to work directly with engineers at a deep technical level
  • Experience building or automating compliance systems (not just maintaining them)
  • Hands-on experience with cloud environments (AWS, GCP, or Azure)
  • Experience embedding compliance into CI/CD or engineering workflows
  • Startup or small team experience
Job Responsibility
Job Responsibility
  • Own and lead ISO 27001 end-to-end, from early-stage build through to audit readiness and certification
  • Design and implement scalable, engineered compliance systems (not manual processes)
  • Automate compliance and control monitoring across cloud environments
  • Translate regulatory requirements into real technical controls embedded in infrastructure and workflows
  • Work hands-on with engineering teams to integrate security into systems and CI/CD pipelines
  • Read and understand code (ideally Python) to build or support automation workflows
  • Support customer and sales teams with technical security discussions and compliance queries
  • Drive broader compliance initiatives (SOC 2 where needed)
What we offer
What we offer
  • Very competitive compensation package including equity with significant upside potential
  • Fulltime
Read More
Arrow Right

Grc Engineer

We’re looking for a GRC Engineer who can turn regulatory requirements and securi...
Location
Location
Sweden , Stockholm
Salary
Salary:
Not provided
lovable.dev Logo
Lovable
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • An engineer who has built compliance controls from the ground up
  • Experience with SOC 2, ISO 27001, GDPR, or similar frameworks
  • Strong architectural understanding and hands-on experience of common cloud infrastructures
  • Ability to automate compliance controls using code, scripts, or infrastructure tooling
  • A collaborative mindset - comfortable working with engineering teams and non-technical stakeholders like legal and marketing alike
Job Responsibility
Job Responsibility
  • Design and implement compliance-by-design systems across our infrastructure that people actually want to use
  • Automate compliance controls and monitoring using modern tooling
  • Work closely with engineering teams to ensure systems meet SOC 2, ISO 27001, GDPR, and emerging AI regulations
  • Partner with sales, product, platform, and legal teams to translate requirements and needs into technical implementations
  • Help shape the architecture around data handling, privacy, and responsible AI
  • Fulltime
Read More
Arrow Right

GRC Engineer

Location
Location
Egypt , New Cairo
Salary
Salary:
Not provided
ethicshr.com Logo
Ethics HR
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in engineering, Computer Science, Cyber Security, or any related field from a reputable university
  • Preferably have one of the following certifications: CCNA Security, CompTIA Security +, CISA, ISA27001
  • Fluency in Arabic and English
  • Fresh graduates with cybersecurity related certificate to 1 year experience in information security
  • Ability to: Identify systemic security issues based on the analysis of vulnerability and configuration data
  • Answer questions in a clear and concise manner
  • Ask clarifying questions
  • Communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means
  • Design valid and reliable assessments
  • Apply critical reading/thinking skills
Job Responsibility
Job Responsibility
  • Perform security reviews, identify gaps in security architecture, and develop a security risk management plan
  • Perform risk analysis (e.g., threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a major change
  • Plan and conduct security authorization reviews and assurance case development for new and existing installation of systems and networks to confirm that risk is within acceptable limits
  • Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials)
  • Verify and update security documentation reflecting the application/system security design features
  • Verify that application software/network/system security postures are implemented as stated, document deviations, and recommend required actions to correct those deviations
  • Develop security compliance processes and/or audits for external services (e.g., cloud service providers, data centers)
  • Participate in Risk Governance process to provide security risks, mitigations, and input on other technical risk
  • Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc
  • Assure successful implementation and functionality of security requirements and appropriate IT policies and procedures that are consistent with the organization's mission and goals
Read More
Arrow Right

Lead Cybersecurity GRC Engineer

Lead Cybersecurity GRC Engineer role focusing on risk remediation and governance...
Location
Location
United States , New York
Salary
Salary:
225000.00 USD / Year
realign-llc.com Logo
Realign
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • CISSP certification strongly preferred (or equivalent demonstrated experience)
  • Additional certifications such as CISA, CISM are a plus
  • Experience with GRC platforms such as: ServiceNow IRM / GRC, Archer, 6clicks, Other comparable GRC tools
  • Prior exposure to regulated financial services environments (Banking / Insurance)
  • Minimum 8 years of experience in Cybersecurity and GRC, spanning multiple security domains (CISSP domains may be used as a reference framework)
  • Strong hands-on experience in risk remediation, particularly across security design, testing, compliance, BCP/DR, and third-party risk
  • Proven ability to translate policy and regulatory requirements into actionable remediation steps
  • Demonstrated experience in control testing (ToD and ToE)
  • Excellent verbal and written communication skills, with experience engaging senior leaders within banking or insurance organizations
  • Strong analytical and documentation skills with a track record of producing professional, client-ready deliverables
Job Responsibility
Job Responsibility
  • Lead and oversee cybersecurity risk remediation and governance initiatives aligned with enterprise risk and compliance requirements
  • Interpret security policies, standards, and regulatory requirements, and apply them effectively to enterprise assets and environments
  • Identify control gaps, non-compliance issues, and deviations, and drive remediation efforts to closure
  • Perform and guide security control testing, including: Test of Design (ToD), Test of Effectiveness (ToE)
  • Provide remediation guidance across key cybersecurity domains, including but not limited to: Secure architecture and security design, Security testing and validation, Secure coding and code compliance, Business Continuity Planning (BCP) and Disaster Recovery (DR), Third-Party Risk Management (TPRM)
  • Partner with technical, risk, and business stakeholders to gather and validate evidence supporting remediation and compliance activities
  • Prepare and maintain high-quality documentation such as: Policies, procedures, and SOPs, Remediation plans and guidance documents, Risk and compliance reports
  • Present findings, recommendations, and remediation strategies to senior stakeholders and decision-makers
  • Influence outcomes through clear, tactful, and data-driven communication
  • Support compliance and audit activities
  • Fulltime
Read More
Arrow Right

Senior Identity & Access GRC Engineer

Senior Identity & Access Governance Engineer is responsible for the design, impl...
Location
Location
Romania , Bucuresti
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5–8+ years of experience in IAM or Identity Governance
  • Experience in building or transforming IAM capabilities
  • Hands-on experience with enterprise IAM platforms (SailPoint, Saviynt, OneIdentity, Okta, Microsoft Entra ID)
  • Experience with PAM solutions (CyberArk, BeyondTrust)
  • Strong knowledge of: RBAC / ABAC
  • Segregation of Functions (SoD)
  • SAML, OAuth2, OIDC
  • LDAP / Active Directory
  • MFA and conditional access policies
  • Experience in regulated environments (telecom, financial, utilities – preferred)
Job Responsibility
Job Responsibility
  • Define IAM governance framework, standards and control structure
  • Design IAM operational model
  • Translate IAM policies and standards into applicable technical controls
  • Design and maintain enterprise-wide RBAC models aligned with business roles and risk levels
  • Define and enforce Segregation of Functions (SoD) controls
  • Establish Key Risk Indicators (KRIs) and control effectiveness metrics
  • Maintain IAM documentation and record repository
  • Create an IAM maturity roadmap
  • Ensure alignment with Zero Trust principles
  • Design and optimize Joiner Mover Leaver processes
What we offer
What we offer
  • Hybrid working regime 2 days from the office, 3 days remote
  • Special discounts for Vodafone employees, Friends & Family offers
  • Demo telephone subscription - unlimited (voice and data)
  • Voucher for the purchase of a mobile phone
  • Medical subscription to a top private clinic & other medical benefits
  • Insurance for hospitalization and surgical interventions
  • Life insurance
  • Meal tickets
  • Bookster subscription
  • Participation in development programs and challenging projects in the leadership area
  • Fulltime
Read More
Arrow Right

Principal Software Engineer, GRC

At Vanta, our mission is to help businesses earn and prove trust. We believe tha...
Location
Location
United States
Salary
Salary:
285000.00 - 335000.00 USD / Year
vanta.com Logo
Vanta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Have played significant technical leadership roles for bigger orgs and complex projects
  • Have a good balance of customer focus, bias for action, and balancing between right long term, medium term and short term decisions
  • Have experience communicating with and working closely with a large set of cross-functional stakeholders
  • Have upleveled teams of engineers, mentoring and leading by example
  • Be a self starter and have a mix of previous startup experience and working at scale experience, and in an environment that prioritizes a bias for action
  • Have experience building architectural changes whose impact span is multi year, or have experience go very deep in technology and becoming an expert
  • Have an interest in learning about security or prior experience in the space
  • Experience working at rapidly scaling startups and large companies with environments that prioritize a bias for action
  • Open to using AI to amplify their skills and strengthen their work - demonstrating curiosity, a willingness to learn, and sound judgment in applying AI responsibly to improve efficiency and impact
Job Responsibility
Job Responsibility
  • Identify and solve complex, high-impact problems, leading projects with multiple cross functional stakeholders, engineering leaders and engineers to deliver significant impact to our business
  • Set technical direction impacting our entire engineering team, from critical systems and core product abstractions to developer productivity and hold a high bar for quality across engineering
  • Design, develop, and own new product functionality and/or infrastructure leveraging modern frameworks and tooling (TypeScript, React, Node.js)
  • Work on deeply ambiguous problem areas, and will tackle larger more long term challenges for the company
  • Design, develop, and own new product functionality and infrastructure leveraging modern frameworks and tooling (TypeScript, Terraform, Node.js)
  • Make effective tradeoffs that consider business priorities, user experience, and a sustainable technical foundation
  • Act as a cultural beacon, setting an example for effective, collaborative engineering and helping mentor junior team members
What we offer
What we offer
  • Offers Equity
  • Medical benefits
  • 401(k) plan
  • Other company perk programs
  • Comprehensive medical, dental, and vision coverage, with 100% of employee-only benefit premiums covered for most medical plans
  • 16 weeks fully-paid Parental Leave for all new parents
  • Health & wellness stipend
  • Remote workspace, internet, and cellphone stipend
  • Commuter benefits for team members who report to the SF and NYC office
  • Family planning benefits
  • Fulltime
Read More
Arrow Right

Staff Software Engineer, GRC Products

As a Staff Software Engineer at Vanta, you will play a critical role in driving ...
Location
Location
Canada
Salary
Salary:
Not provided
vanta.com Logo
Vanta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Over 10 years of industry experience with deep expertise in one or more technical areas (e.g., frontend, databases, distributed systems, APIs, AI, etc.)
  • Proven ability to lead complex technical initiatives, driving strategic projects and improving organizational processes in fast-paced, dynamic environments
  • Mastery in system design and software architecture, with a strong ability to balance technical considerations and execution constraints
  • Extensive experience building user-facing SaaS products, catering to both startup and enterprise users
  • Expertise in building 0→1 products and solving large-scale challenges, especially in environments that prioritize a bias for action
  • Strong leadership and mentorship experience, consistently up-leveling teams and leading by example
  • Excellent communication skills with the ability to influence and advocate for technical decisions at all levels of the organization
  • Open to using AI to amplify their skills and strengthen their work - demonstrating curiosity, a willingness to learn, and sound judgment in applying AI responsibly to improve efficiency and impact.
Job Responsibility
Job Responsibility
  • Identify, scope, and lead large technical projects, laying the groundwork for building highly performant, reliable, and customizable systems with long-term impact
  • Drive a portfolio of complex initiatives with a duration spanning multiple quarters, ensuring iterative and sustainable impact across product areas
  • Rally cross-functional teams to drive initiatives to completion, even without direct management of team members
  • Make strategic decisions that prioritize long-term success, while influencing Vanta’s technical direction alongside senior engineers and leadership
  • Champion engineering excellence by continuously improving processes, methodologies, and technical practices across the organization
  • Guide teams on tough technical decisions, balancing tradeoffs and resolving conflicts
  • Address product, technical, and operational challenges with clear, impactful solutions
  • Serve as a cultural leader, modeling collaborative behaviors and mentoring engineers to elevate organizational performance.
What we offer
What we offer
  • Industry-competitive salary and equity
  • 100% covered medical, dental, and vision benefits with dependents coverage
  • Pension contribution
  • 16 weeks fully paid Parental Leave for all new parents
  • Health & wellness stipend
  • Remote workspace, internet, and cellphone stipend
  • Flexible work hours and location
  • 21 days of Vacation Time and 80 hours of Sick Leave
  • 11 company-paid holidays
  • Virtual team building activities, lunch and learns, and other company-wide events!
  • Fulltime
Read More
Arrow Right

Senior Fullstack Software Engineer, GRC

At Vanta, our mission is to help businesses earn and prove trust. We believe tha...
Location
Location
United States
Salary
Salary:
175000.00 - 240000.00 USD / Year
vanta.com Logo
Vanta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Have at least 5 years of industry experience
  • Have played technical leadership roles for teams or complex projects
  • Have previous startup experience, or worked in an environment that prioritizes a bias for action
  • Have previous experience working on greenfield projects
  • Have an interest in learning about security or prior experience in the space
Job Responsibility
Job Responsibility
  • Lead complex projects with multiple stakeholders and engineers to deliver significant impact to our business
  • Set direction for critical technical surface areas, enabling us to stay ahead of continued rapid growth
  • Design, develop, and own new product functionality and/or infrastructure leveraging modern frameworks and tooling (TypeScript, React, Node.js)
  • Work with talented and kind engineers to make a significant impact on our customer base, enabling them to improve their security and prove it
  • Contribute to building Vanta’s engineering culture as we grow
What we offer
What we offer
  • Offers Equity
  • medical benefits
  • 401(k) plan
  • other company perk programs
  • Comprehensive medical, dental, and vision coverage, with 100% of employee-only benefit premiums covered for most medical plans
  • 16 weeks fully-paid Parental Leave for all new parents
  • Health & wellness stipend
  • Remote workspace, internet, and cellphone stipend
  • Commuter benefits for team members who report to the SF and NYC office
  • Family planning benefits
  • Fulltime
Read More
Arrow Right