Security Engineer II (GRC), Remote

1 month ago
Full-time
Junior
Cybersecurity
Aledade

Aledade collaborates with independent practices, health centers, and clinics to establish and manage Accountable Care Organizations (ACOs) that prioritize primary care, enabling physicians to enhance patient care while maintaining their independence in...

Health Care Providers & Services
1K-5K
Founded 2014
$686M raised

Description

  • Design, build, and operate GRC solutions that improve and mature enterprise compliance capabilities.
  • Implement and optimize security questionnaire and trust assessment workflows and maintain the response repository.
  • Develop automated compliance monitoring and reporting mechanisms and track key risk indicators and compliance metrics.
  • Design scalable GRC processes and control frameworks to support business growth and security attestation initiatives.
  • Analyze security assessment results and third-party risk evaluations to identify compliance gaps and remediation opportunities.
  • Research emerging regulatory requirements and industry best practices, then make recommendations to stakeholders.
  • Support incident response from a compliance perspective, including assessing compliance implications, coordinating breach notification and regulatory reporting, and working with legal/compliance teams.
  • Create, maintain, and refine GRC documentation including policies, procedures, control documentation, risk assessments, and compliance training materials.

Requirements

  • BS/BTech (or higher) in Computer Science, Information Technology, Cybersecurity, or a related field.
  • 2+ years combined experience as a security or GRC professional in an enterprise environment (preferably healthcare or another highly regulated industry).
  • Hands-on experience with GRC frameworks and regulatory standards such as SOC 2, HIPAA, HITRUST, and NIST.
  • Knowledge of additional frameworks/regulations such as SOX/ITGC, CPRA, and ISO 27001 (preferred).
  • Experience leveraging GRC platforms to automate compliance and controls monitoring (examples: Vanta, OneTrust).
  • Experience conducting security assessments, third-party risk evaluations, and tracking compliance metrics.
  • Ability to collaborate cross-functionally with legal, compliance, engineering, and business stakeholders.

Benefits

  • Flexible work schedules and ability to work remotely (remote-first culture).
  • Health, dental, and vision insurance paid up to 80% for employees, dependents, and domestic partners.
  • Robust time-off plan (21 days of PTO in the first year), plus 11 paid holidays and two paid volunteer days.
  • 12 weeks paid parental leave for all new parents.
  • Six weeks paid sabbatical after six years of service.
  • Educational Assistant Program and Clinical Employee Reimbursement Program.
  • 401(k) with up to 4% company match and stock options.
