RemoteLeaf Logo
Log in Sign up

GRC Engineer

1 week, 3 days ago
United States
Full-time
Mid Level
Security Engineer
Software Development
AWS Azure CloudFormation GCP Go HIPAA Python SIEM Terraform
Apply Now
TherapyNotes

TherapyNotes

TherapyNotes is a comprehensive practice management software designed for behavioral health practitioners. It offers a range of features including secure record management, appointment scheduling, note writing, and billing services. Developed by a husb...

Health Care Providers & Services
51-250
Founded 2010
View All Jobs 5

Description

  • Conduct third-party risk assessments, including vendor reviews, security questionnaires, and risk evaluations.
  • Maintain and update security policies, standards, and procedures.
  • Support compliance initiatives across frameworks such as SOC 2, ISO 27001, HIPAA, and NIST.
  • Perform internal risk assessments, control testing, and gap analyses.
  • Identify repetitive GRC processes and design automated solutions.
  • Build and maintain automated evidence collection using APIs, scripts, and integrations.
  • Implement continuous control monitoring to replace point-in-time audits.
  • Translate compliance requirements into technical controls and system configurations.
  • Work with Security Engineering to audit configurations continuously and remediate drift programmatically.
  • Build scalable workflows for vendor risk assessments, re-assessments, tracking, and reporting.

Requirements

  • Bachelor’s degree in Computer Science, Engineering, or a related field, or equivalent experience.
  • 3–6+ years of experience in security engineering, GRC, GRC engineering, or cloud security roles.
  • Strong scripting or programming experience with Python, Go, or similar languages.
  • Hands-on experience with cloud platforms such as AWS, Azure, or GCP.
  • Familiarity with Infrastructure as Code tools such as Terraform or CloudFormation.
  • Deep understanding of security controls and how they map to compliance frameworks.
  • Experience integrating APIs and building automation pipelines.
  • Experience with policy-as-code tools is a bonus.
  • Experience with GRC automation platforms is a bonus.
  • Familiarity with SIEM, SOAR, and security telemetry systems is a bonus.
  • Experience building internal tools or platforms for compliance and risk management is a bonus.
  • Certifications such as CISSP, CISM, CRISC, or cloud security certifications are a bonus.

Benefits

  • Competitive salary of $100,000-$140,000.
  • Employer-sponsored health, dental, vision, life, and disability insurance.
  • Retirement plan with company contribution.
  • Annual company profit sharing.
  • Personal development and training budget.
  • Open, collaborative work environment.
  • Extensive 2-week onboarding plan.
  • Comprehensive mentorship program.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

JMA Wireless

IT Infrastructure Security Operations Engineer

JMA Wireless 251-1K Wireless Telecommunication Services

JMA is hiring an IT Infrastructure Security Operations Engineer in Syracuse, NY to own the day-to-day security posture of its enterprise infrastructure and keep Windows and Linux environments continuously hardened and audit-ready.

United States Full-time Senior Security Engineer
$100k-$120k
Active Directory Ansible Bash Linux PowerShell Puppet Python SIEM
34 minutes ago
Sumo Logic

Staff Threat Research Engineer

Sumo Logic 251-1K Internet Software & Services

Sumo Logic’s Threat Labs is hiring a staff-level threat researcher to turn threat intelligence and original adversary research into high-quality detections for its SIEM platform.

United States Full-time Lead Research Scientist Security Engineer
$162k-$190k
AWS Azure Cybersecurity GCP Machine Learning PowerShell Python SIEM SOC
2 hours, 51 minutes ago
Bugcrowd

Manager, Engineering (Identity and Access Management)

Bugcrowd 1K-5K Internet Software & Services

Bugcrowd is hiring a Software Engineering Manager to lead its Identity and Access Management team in building secure, scalable authentication, authorization, and identity services across the company’s product ecosystem.

United States Full-time Lead Engineering Manager Security Engineer
$138k-$213k
Agile AWS Azure Encryption GCP Go Java JWT Node.js OpenID Connect Ruby SAML Scrum
6 hours, 14 minutes ago
Arize AI

DevSecOps Engineer (TypeScript & Agentic AI)

Arize AI 51-250 IT Services

Arize AI is hiring a remote IT Support Specialist to support Mac-only endpoints, cloud systems, and compliance operations for a distributed team.

United States Full-time Junior Security Engineer Systems Administrator
Confluence GitHub JIRA TypeScript
12 hours, 50 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers