Senior Security Engineer – GRC Controls and Audit

Remote, USA • Full-time • Posted 2026-05-31

Partner directly with the Senior Manager of GRC to lead our commercial audit programs
Own the question of what "good evidence" looks like across SOC 2 Type II, ISO 27001/27017/27018, and ISO 27701
Help build the AI-assisted workflows and automation that make our audit programs more efficient
Directly lead technical audit walkthroughs
Define and maintain the evidence library
Execute deep-dive control testing and gap analysis
5+ years of experience in GRC, compliance, or audit, with a meaningful portion spent as an auditor
Deep hands-on experience with SOC 2 Type II; strong working knowledge of ISO 27001 and related standards (27017, 27018, 27701)
Demonstrated experience leading technical audit walkthroughs with external auditors
The ability to define what "good evidence" looks like for each control domain
Proven ability to design and execute control testing
Ability to work cross-functionally with Engineering, IT, Security, and People teams
Strong written and verbal communication skills
Experience with compliance automation platforms (Drata, Vanta, Secureframe, or equivalent)
A builder's instinct
health, dental, 401k and many others
generous paid time off
equity grant
participation in our incentive programs

Apply tot his job

Apply To this Job

Similar Jobs