Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Security Engineer - Governance Risk Compliance

$100k - $258k

xAI

Job Description

Job Description

ABOUT xAI

xAI's mission is to create AI systems that can accurately understand the universe and aid humanity in its pursuit of knowledge. Our team is small, highly motivated, and focused on engineering excellence. This organization is for individuals who appreciate challenging themselves and thrive on curiosity. We operate with a flat organizational structure. All employees are expected to be hands-on and to contribute directly to the company's mission. Leadership is given to those who show initiative and consistently deliver excellence. Work ethic and strong prioritization skills are important. All employees are expected to have strong communication skills. They should be able to concisely and accurately share knowledge with their teammates.

ABOUT THE ROLE:

We are seeking an experienced and strategic Governance, Risk, and Compliance (GRC) team member as we expand into government and public sector applications of AI. This critical role will ensure that xAI operates within regulatory, ethical, operational, and federal boundaries while fostering a culture of integrity and resilience. You will collaborate with cross-functional teams to safeguard our mission-driven work in AI development and deployment, including support for sensitive and classified environments.

RESPONSIBILITIES:
  • Execute security compliance implementation and audits (e.g., ISO 27001/42001, SOC2, FedRAMP HIGH, DoD Cloud Computing SRG IL5/IL6, NIST 800-53 rev 5, NIST 800-171/CMMC, Risk Management Framework).
  • Work with 3PAOs (Third-Party Assessment Organizations) and federal government Authorizing Officials (AOs) to achieve compliance certifications, reports, and Authorized to Operate (ATO) status.
  • Identify, assess, and prioritize risks related to AI operations, cybersecurity, regulatory compliance, intellectual property, and cloud deployments.
  • Design and implement risk mitigation strategies, including monitoring systems, contingency plans, vulnerability scans, Plan of Action and Milestones (POAMs), and STIGs.
  • Ensure the implementation, oversight, monitoring, and maintenance of security configurations, practices, and procedures throughout the project lifecycle.
  • Serve as a liaison between system owners, security personnel, and cross-functional teams to facilitate effective communication, collaboration, and control implementation.
  • Lead Risk Management Assessment and Authorization (A&A) processes, cloud system risk assessments, compliance reviews for new products/changes/features, and process enhancements.
  • Conduct regular risk assessments, scenario analyses, and proactive evaluations of emerging threats, certifications, requirements, and technologies in the AI landscape.
  • Oversee audits, certifications, third-party assessments, and vulnerability management to maintain compliance and operational credibility.
  • Act as a subject matter expert, providing guidance on risk, compliance, and cybersecurity matters; translate business and technical risks for leadership.
  • Create and present regular reports on GRC performance, risks, and compliance status to senior leadership and stakeholders.
BASIC QUALIFICATIONS:
  • Bachelor's degree in computer science, Information Security, Cybersecurity, or in an engineering/STEM field
  • 3+ years of experience in governance, risk management, compliance, or technology audit roles.
  • Experience with vulnerability management, POAMs, STIG implementation, and cloud security controls.
PREFERRED SKILLS AND EXPERIENCE:
  • 5+ years of security compliance or technology audit-related.
  • Previous systems engineering experience strongly preferred
  • Ability to evaluate control objectives with IT configurations
  • Experience in the tech or AI industry, particularly with startups, innovative organizations, or government/public sector engagements.
  • Proven expertise in regulatory frameworks, data privacy, cybersecurity, and federal compliance standards, preferably in a technology, cloud, or AI-driven environment.
  • Strong understanding of AI ethics, emerging technologies, Risk Management Framework (RMF), and their associated risks.
  • Exceptional analytical, problem-solving, organizational, and project management skills, with the ability to balance innovation, oversight, and taking projects from conception to launch.
  • Excellent communication, stakeholder management, and translation skills, with experience influencing cross-functional teams and communicating risks to leadership.
  • Ability to thrive in a fast-paced, dynamic environment and adapt to evolving priorities.
  • Certifications like CISA, CRISC, CGEIT, Security+, CASP+, or similar preferred.
  • Deep expertise maintaining frameworks such as FedRAMP, DoD Cloud Computing SRG, NIST 800-171, NIST 800-53, CMMC, and STIG/RMF policies (including validation via ACAS and similar tools).
  • Familiarity with ISO 27001, ISO 42001, NIST, SOC 2, or similar compliance frameworks.
  • Background in managing third-party risk, vendor compliance programs, or federal assessments.
  • Understanding of cybersecurity controls for cloud service providers.
  • Knowledge of government cloud services and evolving certification programs.
COMPENSATION AND BENEFITS:

$100,000 - $258,000 USD

Base salary is just one part of our total rewards package at xAI, which also includes equity, comprehensive medical, vision, and dental coverage, access to a 401(k) retirement plan, short & long-term disability insurance, life insurance, and various other discounts and perks.

ITAR REQUIREMENTS:
  • To conform to U.S. Government export regulations, applicant must be a (i) U.S. citizen or national, (ii) U.S. lawful, permanent resident (aka green card holder), (iii) Refugee under 8 U.S.C. § 1157, or (iv) Asylee under 8 U.S.C. § 1158, or be eligible to obtain the required authorizations from the U.S. Department of State. Learn more about the ITAR here.

xAI is an equal opportunity employer. For details on data processing, view our Recruitment Privacy Notice.

Vacancy posted 14 days ago
Similar jobs that could be interesting for youBased on the Security Engineer - Governance Risk Compliance in Washington DC vacancy
  • $90k - $110k

     ...consulting firm that supports Federal Government clients. We provide consulting...  ...will support the Information Systems Security Officer / Systems Security and...  ...Officer (ISSO/SSPO) in executing Risk Management Framework (RMF) compliance, Security Assessment and Authorization... 
    Suggested
    Contract work
    Temporary work
    For contractors
    Work experience placement
    Remote work

    OCT CONSULTING LLC

    Hyattsville, MD
    3 days ago
  • $40 - $65 per hour

    Job Description The Cyber Security Analyst will actively participate in developing...  .... The Analyst will perform risk assessments, audits, and compliance reviews; maintain documentation; and...  ...enforcing compliance with cybersecurity governance frameworks (e.g., ISO 27001, ISO 4... 
    Suggested
    Work experience placement

    Insight Global

    Washington DC
    2 days ago
  •  ...Job Description Job Description Dexian Government Solutions is recruiting for a Senior Security Risk Management Engineer to support our proposal effort for the DHS...  ...enterprise risk analysis, and cybersecurity compliance engineering. This position bridges the gap between... 
    Suggested
    Contract work
    Temporary work
    Local area

    LinTech Global

    Washington DC
    14 days ago
  •  ...provide strategic leadership in cybersecurity, focusing on governance, risk management, and compliance. The ideal candidate will possess extensive experience...  ...of relevant experience. This position requires a TS security clearance. The role includes advising on Zero Trust... 
    Suggested

    MISSION ONE, LLC

    Washington DC
    1 day ago
  •  ...seeking a Cybersecurity Analyst in Alexandria, VA, focused on governance, risk, and compliance (GRC) activities. The ideal candidate should have a...  ...certifications. You will lead compliance efforts, manage security controls, and provide risk analysis reporting to government... 
    Suggested

    Medium

    Alexandria, VA
    1 day ago
  •  ...critical cybersecurity support to U.S. Government agencies and critical infrastructure...  ...support cybersecurity governance, risk, compliance, and modernization activities in...  ...Coordinate with system administrators, engineers, and security teams to prioritize and track remediation... 
    Contract work
    For contractors

    Argo Cyber Systems

    Arlington, VA
    15 days ago
  • ZERMOUNT POSITION DESCRIPTION (PD) SECURITY & COMPLIANCE ENGINEERING (SCE) POSITION OVERVIEW Zermount Inc...  ...Engineering (SCE) to support system risk analysis and ensure that federal information...  ...experience supporting U.S. Government systems 4+ years performing RMF, ISSO... 
    Remote work

    Zermount, Inc.

    Arlington, VA
    3 days ago
  • $109k - $124.4k

    Senior Associate, Cyber Governance & Risk - Cyber Exceptions Analyst Security is essential to what we do at Capital One...  ..., not just a step in the compliance process. You thrive working with...  ...technical understanding of software engineering best practices, cloud infrastructure... 
    Full time
    Part time
    H1b
    Local area

    Capital One National Association

    Mc Lean, VA
    4 days ago
  • $170k

     ...the legal and policy frameworks that govern technology and digital ecosystems?...  ...and data protection, cybersecurity compliance, digital governance, and risk management, helping them navigate...  ...Responsibilities: Conduct regular security assessments, vulnerability testing,... 
    Permanent employment
    Washington DC
    more than 2 months ago
  • A cybersecurity solutions provider is seeking a Cyber Security Analyst - Intermediate to support cybersecurity governance and defense. This role requires expertise in RMF/A&A processes and SOC operations, utilizing tools like Microsoft Sentinel for monitoring. Preferred... 
    Remote job

    Decision Point

    Washington DC
    13 hours ago
  • Overview The Government Publishing Office (GPO) SecDevOps program provides advanced security, development, and operations support to safeguard federal information systems...  ...operations to ensure continuous security, compliance, and resilience across GPO’s enterprise IT services... 
    Contract work
    For contractors
    Work at office
    Local area
    Remote work

    Decision Point

    Washington DC
    13 hours ago
  • $100k - $120k

     ...Cogent Communications, based in Washington D.C., is looking for a skilled Cybersecurity Analyst (Security & AI Governance) to safeguard the organization’s information assets and technology infrastructure. This role involves identifying, assessing, and mitigating cyber... 

    Cogent Communications

    Washington DC
    4 days ago
  • $100k - $120k

     ...C.C.D. Cogent Communications Deutschland GmbH is seeking a Cybersecurity Analyst (Security & AI Governance) to protect information assets and manage cyber threats. The role involves collaboration with IT teams and business stakeholders to align cybersecurity and AI governance... 

    C.C.D. Cogent Communications Deutschland GmbH

    Washington DC
    3 days ago
  •  ...Analyst to support the Army in delivering high-quality cybersecurity services. The role involves identifying, analyzing, and reporting security vulnerabilities across systems and networks. Ideal candidates will have over 5 years in vulnerability management, experience with... 

    Phase2 Technology

    Alexandria, VA
    13 hours ago
  •  ..., and the free world remains secure. Founded in 2024, Twenty Technologies...  ...We are seeking IT Security Engineer to join our growing...  ...our digital assets, and ensure compliance with industry standards. You...  ...eligibility to obtain a U.S. Government security clearance. Any clearance... 
    Full time
    Work at office
    Flexible hours

    Twenty

    Arlington, VA
    19 hours ago
  • $80k - $128k

    A leading national security company is seeking a Risk and Vulnerability Analyst to support the Security Operations Center by identifying and analyzing...  ...vulnerabilities, executing assessments, and ensuring compliance with various security standards. The role offers a salary... 

    Peraton

    Washington DC
    13 hours ago
  • $80k - $128k

     ...is currently seeking a Risk and Vulnerability...  ...Analyst supports a 24x7 Security Operations Center (SOC...  ...continuous visibility, compliance, and timely remediation...  ...coordination with SOC, IR, and engineering teams. Ensure...  ...partner to essential government agencies and supports... 
    Contract work
    Shift work

    Peraton

    Washington DC
    13 hours ago
  • $100k - $120k

     .... Job Summary Cybersecurity Analyst (Security & AI Governance) is responsible for protecting the organization...  ...assessing, monitoring and mitigating risks associated with information systems as...  ...services for cybersecurity, privacy, compliance, data protection and operational risks... 
    Temporary work

    Cogent Communications

    Washington DC
    2 days ago
  • $100k - $120k

     ...Job Summary The Cybersecurity Analyst (Security & AI Governance) is responsible for protecting the...  ...assessing, monitoring, and mitigating risks associated with Information Systems as...  ...services for cybersecurity, privacy, compliance, data protection, and operational risks... 
    Temporary work

    Cogent Communications

    Washington DC
    4 days ago
  • $69.4k - $158k

    Cybersecurity Governance Analyst When our country's cyber security is on the line, simply reacting is not enough. We need a plan to support our defense infrastructure...  ...cyber policies, gauge their coverage, and identify risk areas. You will evaluate or audit how policies stack... 
    Local area

    Dormont Manufacturing Company

    Alexandria, VA
    1 day ago
  • $100k - $120k

     ...Cybersecurity Analyst to safeguard information assets and manage AI governance programs. The role requires strong collaboration with IT teams...  ...is dynamic and fast-paced, assuring continual improvement in security measures and AI initiatives. #J-18808-Ljbffr Cogent... 

    Cogent Communications

    Washington DC
    2 days ago
  •  ...Cyber And It Security Risk Analyst Location: Bethesda, MD Contract: 12 Months Position Summary We are seeking a Cyber and Information...  ...and suppliers. Support internal and external audits and compliance efforts. Document implementation statements for security... 
    Contract work
    For contractors

    InteliX Systems

    Bethesda, MD
    4 days ago
  • $40 per hour

    A cybersecurity firm is seeking experienced cybersecurity professionals to evaluate AI-generated security content, solve technical problems, and provide feedback to improve AI systems. This is a flexible remote position, allowing you to work on chosen projects within a... 
    Remote job
    Hourly pay
    Flexible hours

    DataAnnotation

    Washington DC
    3 days ago
  •  ...wide range of clients across the Federal government, from senior level policy makers to...  ...Description We are seeking a Junior Cyber Risk Data Engineer/Analyst . This role focuses on the...  ...Qualifications Experience supporting national security organizations. Familiarity with cyber... 
    Internship
    Shift work

    Technomics

    Arlington, VA
    1 day ago
  • $62k - $141k

     ...Number: R0242703 Cybersecurity Risk Analyst The Opportunity Cyber...  ...knowledge as an information security risk specialist to help break...  ...in services for the federal government or federal advising within a...  ...Science, Information Systems, Engineering, Mathematics, or Physics Nice... 
    Local area

    Booz Allen Hamilton

    Alexandria, VA
    13 hours ago
  •  ...The Senior Federal Information Systems Security Engineer (ISSE) serves as a technical...  ...Ability to obtain and maintain the required government security clearance U.S. citizenship (required...  ...to support mission timelines Maintain compliance with all corporate and federal... 
    Contract work
    Work experience placement
    Relocation

    Ll Oefentherapie

    Arlington, VA
    20 hours ago
  • $62k - $141k

     ...Number: R0242703 Cybersecurity Risk Analyst The Opportunity:...  ...knowledge as an information security risk specialist to help break...  ...in services for the federal government or federal advising within a...  ...Science, Information Systems, Engineering, Mathematics, or Physics... 
    Full time
    Contract work
    Part time
    Work at office
    Local area
    Remote work

    Booz Allen Hamilton

    Alexandria, VA
    2 days ago
  • Booz Allen Hamilton is seeking an Information Security Risk Specialist in Alexandria, Virginia. This role involves assessing cybersecurity risks for federal clients, developing mitigation plans, and translating complex security concepts into actionable insights. Required... 

    Booz Allen Hamilton

    Alexandria, VA
    2 days ago
  • Insight Global is seeking a Risk Assessment Analyst to work hybrid in Alexandria, VA. This role supports senior DoD leadership by conducting...  ...executive-level materials. Candidates must have a Top Secret Security Clearance and 5+ years of federal experience. The position... 

    Insight Global

    Alexandria, VA
    4 days ago
  • $71.2k - $166.1k

     ...The Senior Federal Information Systems Security Engineer (ISSE) serves as a technical...  ...Ability to obtain and maintain the required government security clearance U.S. citizenship...  ...support mission timelines · Maintain compliance with all corporate and federal cybersecurity... 
    Contract work
    Temporary work
    Work experience placement
    Relocation
    Flexible hours

    Oracle

    Washington DC
    4 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Security Engineer - Governance Risk Compliance. Be the first to apply!