Senior GRC Engineer

1 month, 2 weeks ago
Full-time
Senior
Cybersecurity
Life360

Life360

Life360 is the top family location safety app, offering advanced safety features to connect and protect millions of families worldwide.

Family Services
251-1K
Founded 2008
$140M raised

Description

  • Own the governance framework for Life360's agentic systems and define the policies, control sets, and compliance posture that govern how agents are built and deployed.
  • Automate GRC work such as evidence collection, control narrative drafting, vendor questionnaire triage, and related workflows using AI and internal tooling.
  • Build policy-as-code processes, including version-controlled policies, peer review via pull requests, enforceable requirements, and automated compliance checks.
  • Lead SOC 2 Type 2, ISO 27001, and SOX ITGC compliance end to end as management owner, including evidence management, auditor coordination, and gap remediation.
  • Develop an operational risk function that uses live data sources, quantitative risk methods, and actionable risk scoring for stakeholders from service owners to executive leadership.
  • Mature the third-party risk management program through tiered reviews, automated evidence collection, and agent-based assessment workflows.
  • Serve as the primary management contact for auditors, owning scoping, walkthroughs, evidence delivery, management responses, and finding closure.
  • Build cross-functional partnerships with Engineering, Legal, Privacy, Internal Audit, and Procurement to make compliance a shared operational practice.
  • Maintain clear boundaries between management GRC responsibilities and Internal Audit's independent third-line assurance.

Requirements

  • 5+ years of experience in GRC, security engineering, or a hybrid role covering both policy/control ownership and technical implementation.
  • Hands-on experience using AI tools, LLMs, or agents for real work such as drafting, automation, investigation, or code.
  • Coding ability with Python or an equivalent language, including APIs, integrations, scheduled jobs, and working pipelines.
  • Ability to gather control evidence directly from cloud environments using APIs rather than screenshots or manual collection.
  • Experience implementing, integrating, or significantly extending a modern GRC platform.
  • Working knowledge of SOC 2, ISO 27001, and NIST AI RMF at the control level, including how they are evolving for AI and agentic systems.
  • Experience with SOX ITGC cycles at a public company, including evidence, walkthroughs, and auditor findings.
  • Experience building or scaling a TPRM program, including tiering, vendor pushback, and assessment automation.
  • Quantitative risk experience, ideally with FAIR or an equivalent methodology applied in practice.
  • Clear written communication for policies, control narratives, audit responses, and risk statements.
  • Bachelor's degree or equivalent.
  • Preferred: experience taking a company through SOC 2 Type 2 or ISO 27001 certification from scratch.
  • Preferred: privacy program experience with GDPR, CCPA, data mapping, or DPIAs.
  • Preferred: experience on the implementation side of security, such as engineering, operations, or incident response.
  • Preferred: experience building governance frameworks for AI systems, including model risk, ISO 42001, or controls for LLM and agent deployment.

Benefits

  • Competitive pay and benefits.
  • US base salary range of $115,500 to $213,000, with final pay based on background, experience, and location.
  • Medical, dental, vision, life, and disability insurance plans, with employee coverage paid 100%.
  • 401(k) plan with company matching.
  • Mental Wellness Program and Employee Assistance Program (EAP).
  • Flexible PTO plus 13 company-wide days off each year.
  • Winter and Summer weeklong synchronized company shutdowns.
  • Learning and development programs.
  • Equipment, tools, and reimbursement support for a productive remote setup.
  • Free Life360 Platinum Membership for your preferred circle.
  • Free Tile products.
