Senior GRC Tools and Automation Engineer

Atlassian

Location:
United States, San Francisco

Contract Type:
Not provided

Salary:

Not provided

Job Description:

We are looking for a skilled Senior GRC Tools and Automation Engineer to join our team. The ideal candidate will have a strong understanding of Governance, Risk, and Compliance (GRC) frameworks and will be adept at developing JIRA workflows. Experience in data analysis and reporting tools, API and data integration skills, and a good understanding of cloud, AI, and emerging technologies are essential. This role is crucial in enhancing our GRC capabilities through effective tool implementation and automation strategies.

Job Responsibility:

  • Lead the design, implementation, and maintenance of GRC tools to support compliance, risk management, and governance activities
  • Collaborate with cross-functional teams to gather requirements and ensure tools meet organizational needs
  • Design and develop custom JIRA workflows to streamline GRC processes
  • Ensure JIRA configurations align with best practices and organizational requirements
  • Utilize data analysis and reporting tools to generate insights and actionable reports for GRC activities
  • Create dashboards and visualizations to communicate risk and compliance metrics effectively to stakeholders
  • Develop and manage integrations between GRC tools and other enterprise systems using APIs
  • Ensure seamless data flow and integrity across platforms to enhance GRC operations
  • Stay informed about the latest developments in cloud computing, artificial intelligence, and emerging technologies
  • Assess the impact of these technologies on GRC practices and tools, and propose innovative solutions
  • Identify opportunities for automation within GRC processes to improve efficiency and reduce manual efforts
  • Implement automation solutions that enhance the accuracy and effectiveness of GRC operations

Requirements:

  • Bachelor's degree in Computer Science, Information Technology, or a related field
  • Advanced degree or relevant certifications (e.g., CRISC, CISSP, JIRA Certification) are a plus
  • A minimum of [X] years of experience in GRC tools implementation and automation
  • Strong expertise in developing JIRA workflows and configuring JIRA tools to meet organizational needs
  • Proficiency in data analysis and reporting tools, such as Power BI, Tableau, or similar platforms
  • Experience with API development and data integration techniques, ensuring seamless connectivity between systems
  • Solid understanding of cloud services (e.g., AWS, Azure, Google Cloud) and their implications for GRC
  • Familiarity with artificial intelligence and emerging technologies, with an ability to assess and integrate them into GRC processes
  • Excellent problem-solving skills, with a focus on innovation and process improvement

What we offer:

  • Health and wellbeing resources
  • Paid volunteer days

Additional Information:

Job Posted:
May 01, 2025

Employment Type:
Fulltime
Work Type:
Remote work

Similar Jobs for Senior GRC Tools and Automation Engineer

Senior Security GRC Engineer

The Senior Security GRC Engineer at Atlassian will be instrumental in implementi...
Location:
India, Bengaluru
Salary:
Not provided
Atlassian
Expiration Date:
Until further notice
Requirements:
  • 5-7+ years experience in a similar role, preferably in a large-scale SaaS/Product environment
  • Expertise and experience working in security-focused roles
  • Experience with application security, especially web applications
  • Experience in cloud security architecture and infrastructure
  • Experience providing SME knowledge and guidance to stakeholders and engineering functions
  • Experience working with internal/external audit and leadership teams
  • Solid knowledge of cybersecurity principles, risk management strategies, and IT governance frameworks
  • Strong communication and interpersonal skills, with the ability to interact with stakeholders at all levels and explain complex security concepts in an understandable way
  • Relevant certifications such as CISSP, CISM, or CRISC would be beneficial
  • Scripting experience to automate recurring tasks (JQL, SQL, Python, Go)
Job Responsibility:
  • Deliver technical expertise and innovation, providing security guidance to teams and promoting the adoption of industry-leading methodologies to build secure products by default
  • Drive technical solutions in security and risk management
  • Leverage data analytics and visualization, deriving actionable insights from security governance, risk, and compliance data
  • Promote automation and tooling, encouraging the use of the latest security tools to enhance product security processes
  • Proactively identify and mitigate risks, recognizing potential security threats or compliance concerns specific to product security
  • Collaborate with product security teams, implementing security controls and best practices
  • Regularly evaluate and report, assessing the effectiveness of security controls
  • Influence and align stakeholders, working with security engineers and stakeholders to drive alignment on security initiatives
  • Stay informed on regulatory awareness and compliance, keeping up with the latest developments in legislative, regulatory, and industry security requirements
What we offer:
  • health coverage
  • paid volunteer days
  • wellness resources
  • Fulltime

Senior Security Engineer, GRC Automation

1Password is looking for a Senior Security Engineer – GRC to design and implemen...
Location:
United States; Canada
Salary:
156000.00 - 210000.00 USD; CAD / Year
1Password
Expiration Date:
Until further notice
Requirements:
  • 5+ years of experience in security engineering, DevSecOps, solutions engineering, or GRC automation roles
  • Proven experience working with GRC, compliance, or audit teams to build automation that supports evidence collection, control testing, or security monitoring
  • Direct experience implementing and integrating GRC platforms (e.g., Drata, Vanta, Tines, JupiterOne) into production environments
  • Strong scripting and integration skills using Python, JavaScript, APIs, webhooks, or workflow automation tools
  • Ability to work cross-functionally with security, compliance, legal, and infrastructure teams to translate policies into scalable technical systems
  • Familiarity with compliance frameworks such as SOC 2, ISO 27001, or NIST 800-53, and how they map to real-world infrastructure and operations
Job Responsibility:
  • Lead the implementation and integration of our GRC platform, ensuring it is fully operationalized across key systems and workflows
  • Build out automated workflows for control testing, evidence collection, and audit readiness
  • Develop and maintain integrations between the GRC platform and systems of record (e.g., ticketing systems, IAM, asset inventories, configuration management)
  • Design dashboards and reporting to track control health, trust signals, and audit performance
  • Collaborate with teams across Security, GRC, and Engineering to embed compliance into operational processes like employee onboarding, change management, and incident response
  • Shape the roadmap for automated, resilient internal assurance infrastructure that grows alongside the business
What we offer:
  • Health and wellbeing: Maternity and parental leave top-up programs
  • Competitive health benefits
  • Generous PTO policy
  • Growth and future: RSU program for most employees
  • Retirement matching program
  • Free 1Password account
  • Community: Paid volunteer days
  • Peer-to-peer recognition through Bonusly
  • Remote-first work environment
  • Fulltime

Senior Security Engineer, Privacy

As a Senior Security Engineer, Privacy, you will serve as a trusted advisor at t...
Location:
Canada; England; France; Germany; Italy; Portugal; Spain; United States
Salary:
88000.00 - 110000.00 EUR / Year
Docker
Expiration Date:
Until further notice
Requirements:
  • 6–8 years of experience in information technology, security engineering, governance, risk and compliance, privacy engineering, or closely related roles
  • Proven experience designing and implementing GRC programs with a strong emphasis on automation, engineering, and scalable processes
  • Hands-on experience implementing or operating privacy programs aligned with GDPR and ISO/IEC 27701, including privacy-by-design and privacy-by-default principles
  • Strong understanding of privacy engineering concepts such as data minimization, purpose limitation, data lifecycle management, and technical data protection controls
  • Proficiency in one or more programming or scripting languages such as Python or Golang, with experience building automation for compliance and privacy workflows
  • Experience working with APIs, webhooks, and integrating GRC, privacy, and security tooling
  • Hands-on experience with public cloud environments (AWS, Azure, or GCP), including applying privacy and data protection controls across backup systems, data lakes, and distributed cloud storage services
  • Experience integrating security and compliance requirements into SDLC and CI/CD pipelines using DevSecOps practices
  • Solid understanding of security frameworks and regulatory standards such as ISO 27xxx, SOC 2, GDPR, and NIST, and how they apply to SaaS environments
  • Knowledge of information security risk management and common security technologies (e.g., SIEM, vulnerability management, data loss prevention, endpoint protection)
Job Responsibility:
  • Embed privacy-by-design principles into Docker products, services, and internal platforms, aligned with ISO/IEC 27001, ISO/IEC 27701, SOC 2, and global privacy regulations
  • Partner closely with Docker engineering and product teams to integrate privacy requirements into architecture decisions, SDLC processes, and CI/CD pipelines
  • Design, develop, and maintain automated GRC and privacy workflows to support compliance monitoring, control testing, DPIAs, risk assessments, reporting, and audit readiness
  • Implement and customize GRC and privacy tooling using APIs, scripting, and automation to streamline evidence collection, control validation, and compliance operations
  • Lead and automate data discovery, classification, and data mapping across Docker systems to maintain accurate Records of Processing Activities (RoPA) and support data lifecycle governance
  • Conduct and operationalize security risk assessments and Data Protection Impact Assessments (DPIAs), integrating findings into Docker’s risk register and remediation tracking
  • Define, implement, and validate data protection and data lifecycle controls, including data minimization, retention, deletion, and access controls
  • Build and maintain dashboards and security/privacy metrics to provide real-time visibility into risk, compliance posture, and program effectiveness
  • Support internal and external audits by providing high-quality, automated evidence and serving as a subject matter expert for security and privacy controls
  • Draft, maintain, and map security and privacy policies, standards, and procedures to relevant regulatory and industry frameworks
What we offer:
  • Freedom & flexibility
  • fit your work around your life
  • Designated quarterly Whaleness Days plus end of year Whaleness break
  • Home office setup
  • we want you comfortable while you work
  • 16 weeks of paid Parental leave
  • Technology stipend equivalent to $100 net/month
  • PTO plan that encourages you to take time to do the things you enjoy
  • Training stipend for conferences, courses and classes
  • Equity
  • Fulltime

Senior Technical Risk and Compliance Engineer

This position is responsible for leading the design, implementation, and managem...
Location:
United States
Salary:
200000.00 - 250000.00 USD / Year
Lawrence Harvey
Expiration Date:
Until further notice
Requirements:
  • Bachelor’s degree in Information Security, Computer Science, Law, or a related field
  • Minimum of 5 years of experience in technical compliance, cybersecurity, or a related area
  • Deep understanding of regulatory frameworks and standards relevant to the Americas, particularly in the financial technology sector
  • Proven experience in managing compliance programs and leading cross-functional teams
  • Hands-on GRC engineering experience designing, developing, and implementing GRC automations and tooling
  • Strong analytical and problem-solving skills, with a focus on identifying and mitigating compliance risks
  • Excellent communication and leadership skills, with the ability to work effectively with diverse teams and stakeholders
Job Responsibility:
  • Leading the design, implementation, and management of risk & compliance programs that align with regulatory requirements and internal policies
  • Ensuring that Ant International’s products and services meet the highest security & compliance standards
  • Fulltime

Systems Engineering Senior Specialist-Vulnerability Remediation & Tanium Support

We are currently seeking a Systems Engineering Senior Specialist-Vulnerability R...
Location:
India, Bangalore
Salary:
Not provided
NTT DATA
Expiration Date:
Until further notice
Requirements:
  • HCL Tanium — Server, Module Server, Zone Proxy, and Client deployment and administration (intermediate to advanced level)
  • Tanium Patch, Deploy, Interact, Inventory, Comply, Connect — module configuration and operations
  • Tanium Client deployment via GPO, SCCM, Intune, and PowerShell scripting
  • Tanium sensor, package, and saved question development
  • Vulnerability Remediation
  • Understanding of CVEs
  • Tanium RBAC — user roles, computer groups, content set management
  • Tanium Relevance Language for custom sensor and targeting development
  • PowerShell and Batch scripting for Tanium automation and client management
  • Tanium Connect integration with SIEM and ITSM platforms
Job Responsibility:
  • Deploy and configure Tanium Server, Tanium Module Server, Zone Proxies, and Tanium Client across enterprise environments
  • Vulnerability remediation using Tanium Comply, Detect, Patch, and custom remediation packages
  • Collaborate with security teams (SOC, Threat Management, GRC) to align remediation with vulnerability SLAs and compliance frameworks
  • Drive security hardening programs across endpoints using custom sensors, packages, and benchmarks
  • Execute Tanium platform deployments following defined architecture standards, deployment runbooks, and organizational guidelines
  • Manage Tanium Client deployment at scale across Windows, Linux, and macOS endpoints using GPO, SCCM, Intune, and script-based methods
  • Configure Tanium Zone Proxies for DMZ and remote site endpoint connectivity and visibility
  • Set up and configure Tanium modules post-deployment including Tanium Patch, Deploy, Interact, Inventory, Comply, and Connect
  • Manage Tanium platform SSL certificates, authentication configurations, and RBAC role assignments during and post-deployment
  • Execute Tanium platform upgrades, module updates, and hotfix deployments following change management procedures
  • Fulltime

GRC Specialist Senior

The GRC Specialist Senior is responsible for conducting security assessments, co...
Location:
United States, Coral Gables
Salary:
Not provided
City National Bank of WV
Expiration Date:
Until further notice
Requirements:
  • 5-7 years of applied work experience in cyber security compliance management, cyber security programs, data engineering, analytics or integration, audits, assessments, risk and remediation
  • Knowledge of AI concepts (LLMs, prompt design, limitations, hallucinations, etc.)
  • Knowledge of information security management, governance, and compliance principles, practices, laws, rules, regulations, and frameworks such as GLBA, FFIEC, and NIST
  • Knowledge of IT systems and processes, network infrastructure, data architecture, and protocols
  • Skill in applying cyber and cloud security frameworks, architecture, design, operations, controls, and service orchestration
  • Proficiency in Microsoft Office products (Word, Excel, PowerPoint)
  • Ability to develop and implement enterprise governance, risk, and compliance strategies and solutions
  • Ability to research and locate information related to internal and external organizations using online and other sources
  • Skill in security project management and planning
  • Ability to maintain confidentiality and handle sensitive information appropriately
Job Responsibility:
  • Coordinate risk and control self-assessments with IT and cybersecurity subject matter experts and enterprise risk management team
  • Conduct control testing and document results to identify potential gaps in control design and/or control operating effectiveness
  • Collaborate with GRC, engineering, SecOps, IT operations, and BCP teams to define requirements and ensure scalable, secure, and maintainable AI-driven automation solutions
  • Identify opportunities to develop automated solutions using Microsoft Copilot, Power Automate, or another approved automation tool
  • Develop and maintain cybersecurity and IT policies, standards, procedures, program metrics and help develop automated compliance reports and risk metrics for executive leadership, to improve decision-making and reduce operational risk
  • Coordinate work assignments with process owners, control owners, external auditors, and consultants, ensuring issues are documented, monitored, and resolved
  • Advise internal stakeholders on internal control design for ongoing risk mitigation of information systems based on regulatory requirements and best practices
  • Communicate security issues and risks effectively to diverse audiences and ensure compliance with applicable controls based on a unified framework
  • Identify and correct process gaps proactively, recommending improvements to advance the Bank’s information security program maturity in alignment with company goals
  • Guide program leaders on risk remediation efforts, ensuring adequacy of response and timeliness based on risk severity
What we offer:
  • Medical, dental, and vision plans with employer contributions
  • 401(k) with matching
  • Generous PTO and paid holidays
  • Access to mental health and financial wellness resources
  • Tuition Reimbursement
  • Flex Time
  • Fulltime

Staff Trust, Risk and Compliance Engineer

As a Staff Trust, Risk, and Compliance Engineer you will operate at the center o...
Location:
Czechia, Prague
Salary:
Not provided
Rapid7
Expiration Date:
Until further notice
Requirements:
  • Extensive experience (typically 10+ years) building bridge-layers between complex business requirements and technical operations
  • Deep understanding of managing complex lifecycles—whether in Trust, Risk, and Compliance (NIST, ISO) or other highly regulated, high-scale technical fields
  • A proven track record of designing systems that don't just "work" but scale
  • A design-thinking–led microservices architecture that allows the TRC stack to adapt and evolve organically
  • Strong engineering mindset applied to governance, risk, and compliance challenges
  • Advanced technical fluency, including: Cloud environments (AWS)
  • APIs, automation, and scripting (e.g., Python)
  • Commercial GRC platforms and security tooling
  • Ability to influence direction, negotiate outcomes, and shape how peers and leaders approach problems
  • Strong judgment and communication skills
Job Responsibility:
  • Design and drive end-to-end Trust, Risk, and Compliance programs across multiple complex regulatory and compliance regimes
  • Architect and evolve Rapid7’s TRC technology ecosystem, connecting applicability, assessment, implementation, operation, and meaningful reporting
  • Improve TRC maturity at scale, reducing uncertainty and friction while strengthening risk management outcomes
  • Operate autonomously across most situations, managing timelines, dependencies, and escalations without being chased
  • Run multiple complex initiatives in parallel with broad, cross-functional scope
  • Partner with senior leaders across Information Security, Engineering, Platform, IT, Enterprise Applications, and the business to shape direction and outcomes
  • Apply deep engineering judgment to navigate and integrate Rapid7’s technical stack, including AWS, Okta, commercial GRC platforms, Tableau, Terraform and Rapid7 products (such as InsightCloudSec, Surface Command, and InsightVM), and other security tooling
  • Leverage APIs, automation, scripting (e.g., Python), data, and AI-driven approaches to modernize how TRC operates
  • Integrate with productivity and collaboration tools (e.g., Slack, Google Workspace, Atlassian Portfolio) to deliver a seamless Trust, Risk, and Compliance experience
  • Influence how Rapid7 employees (“Moose”) think about security and compliance — shifting left, embedding controls early, and avoiding reactive cleanup
  • Fulltime

Senior Technical Program Manager

The Senior Technical Program Manager, Security & GRC will work directly with our...
Location:
United States
Salary:
200000.00 - 220000.00 USD / Year
Human Interest
Expiration Date:
Until further notice
Requirements:
  • Bachelor's degree in CS, Engineering, or a related field
  • Started career as a Security Engineer, Systems Administrator, or Analyst
  • TPM professional for 5+ years, specifically managing high-stakes security, privacy, or infrastructure initiatives
  • Deep understanding of the Security SDLC and experience navigating cloud-native service architectures (AWS/GCP) with a focus on security guardrails
  • Experience translating regulatory frameworks (e.g., SOC2, ISO 27001, FedRAMP, or GDPR) into concrete technical requirements
  • Proven ability to 'go deep' and comfortable looking at architectural diagrams, API docs, or cloud configurations to find root causes
  • Exceptional communication skills with a knack for explaining the 'why' behind a security control to a developer and the 'how' of a technical fix to an auditor
  • Strong ability to leverage data—from vulnerability scanners to Jira velocity—to tell a story and drive cross-functional decision-making
Job Responsibility
Job Responsibility:
  • Help design risk solutions: Dive deep into the security stack to not only identify execution blockers but actively architect the technical solutions to implement them
  • Help architect our security mission: Define the technical milestones for high-stakes initiatives like Zero Trust and IAM overhauls, translating a broad vision into a precise execution roadmap
  • Drive high-velocity operations: Lead agile security sprints that harmonize vulnerability remediation and threat detection with feature development
  • Optimize the 'rhythm of the business' by automating manual GRC workflows, eliminating manual friction and moving us toward Compliance as Code
  • Translate telemetry into narrative: Distill complex security data and telemetry into compelling risk narratives for leadership while maintaining high-fidelity technical depth for engineers
  • Optimize the defensive roadmap: Command long-term strategic planning by aligning cloud infrastructure costs and security tooling with the company’s overarching defensive goals
  • Cultivate organizational excellence: Uphold a relentless culture of focus and accountability, identifying systemic inefficiencies and driving impact through superior tooling and process engineering
What we offer:
  • A great 401(k) plan: Our own! Our 401(k) includes a dollar-for-dollar employer match up to 4% of compensation (immediately vested) and $0 plan fees
  • Top-of-the-line health plans, as well as dental and vision insurance
  • Competitive time off and parental leave
  • Addition Wealth: Unlimited access to digital tools, financial professionals, and a knowledge center to help you understand your equity and support your financial wellness
  • Lyra: Enhanced Mental Health Support for Employees and dependents
  • Carrot: Fertility healthcare and family forming benefits
  • Candidly: Student loan resource to help you and your family plan, borrow, and repay student debt
  • Monthly work-from-home stipend
  • quarterly lifestyle stipend
  • Engaging team-building experiences, ranging from virtual social events to team offsites, promoting collaboration and camaraderie
  • Fulltime