Principal Security Engineer - GRC Team Lead (Remote Eligible)
$205k - $275kSmartsheet
For over 20 years, Smartsheet has empowered teams to manage work seamlessly and scale solutions smarter. Now, in our most ambitious chapter yet, we are uniting human teams with AI agents. By orchestrating the work agents do best, automating manual tasks and uncovering insights at scale, we create the space for people to focus on what truly matters: judgment, creativity, and big thinking. That is magic at work, and it’s what we show up for every day. Smartsheet's GRC function is at an inflection point. As we scale our compliance programs across multiple frameworks (SOC 2, ISO 27001, FedRAMP, HIPAA, and emerging regulations), the manual work is becoming unsustainable. We need a technical GRC leader—someone who understands both compliance deeply and how to engineer solutions. As GRC Team Lead, you'll architect the technical foundation for how Smartsheet manages risk and compliance at scale. You'll design policy-as-code systems, build custom control frameworks aligned with our unique architecture, manage full audit cycles, and lead process improvements that make our GRC function a scalable engine. This is a principal-level role combining compliance expertise with technical execution. You'll be responsible for the strategy and delivery of GRC automation, evidence collection systems, audit readiness, risk management workflows, and technical control implementation. You'll work across security, engineering, and product teams to embed compliance into operations and reporting. This is an excellent opportunity to define how a world-class SaaS company approaches GRC in 2026 and beyond.
WHAT YOU WILL DO
* Own the end-to-end GRC strategy and roadmap: Lead the planning and prioritization of GRC initiatives that drive compliance maturity, reduce audit risk, and improve operational efficiency. * Design and implement policy-as-code systems: Translate compliance frameworks (SOC 2, ISO 27001, FedRAMP, HIPAA) into enforceable code, leveraging Infrastructure-as-Code (Terraform, CloudFormation) and automated compliance validation. * Build custom control frameworks: Design Smartsheet-specific Unified Control Frameworks (UCF) and Secure Control Frameworks (SCF) that map to our cloud architecture, multi-framework requirements, and organizational risk appetite. * Lead full audit cycles: Manage preparation, execution, and resolution for SOC 2 Type II, ISO 27001, FedRAMP, and other certification audits. Own evidence gathering, audit readiness tracking, and post-audit remediation. * Architect GRC platform strategy: Evaluate, select, configure, and integrate GRC tooling (Vanta, Drata, or similar) with our cloud infrastructure, identity systems, ticketing systems, and CI/CD pipelines to enable continuous compliance monitoring. * Design automated evidence collection and validation: Build data pipelines and integrations that automatically collect compliance evidence from AWS, application logs, identity systems, and operational tools; validate accuracy and reduce manual verification. * Translate compliance requirements into technical implementations: Work with engineering and security teams to express policies and regulatory requirements in a way they can execute and monitor—breaking down silos between compliance and technical teams. * Establish risk management and governance processes: Design and operate risk registers, control effectiveness assessments, continuous monitoring workflows, and escalation processes that provide leadership with real-time visibility into compliance posture. * Build and lead the GRC team: Mentor and develop your team, establish technical and operational practices, define the playbooks for compliance execution, and create a culture of continuous improvement.WHAT YOU HAVE
* 10+ years of experience in GRC, compliance, security engineering, or related roles, with 5+ years in a technical or leadership capacity managing compliance programs at scale. * A degree in Computer Science, Computer Engineering, Cybersecurity or a related field or equivalent practical experience. * Deep hands-on expertise in running full audit cycles across multiple frameworks, particularly SOC 2 Type II, ISO 27001, and FedRAMP. You've managed evidence preparation, control testing, audit remediation, and continuous monitoring. * Strong technical foundation in cloud architecture and compliance: Working knowledge of AWS/GCP/Azure, infrastructure-as-code (Terraform), CI/CD pipelines, identity and access management, encryption, and logging—sufficient to design control implementations and validate technical posture. * Hands-on experience with GRC platform administration and customization (Vanta, Drata, ServiceNow GRC, or equivalent), including integration design and workflow automation. * Proficiency in policy-as-code and compliance-as-code principles: Experience implementing automated controls, policy enforcement, and continuous compliance validation through code and configuration. * Fluency in multiple compliance frameworks: Deep knowledge of SOC 2 Trust Service Criteria, ISO 27001 control objectives, NIST 800-53 (or 800-171 for government), and experience with HIPAA, GDPR, and industry-specific frameworks. * Scripting and automation skills: Comfortable with Python, Bash, or similar for building integrations, data pipelines, and automated control validation. * Excellent communication and program management: Ability to distill complex compliance concepts for both technical and business audiences, manage multi-workstream programs, and drive alignment across teams. * Some federal/government sector experience is valuable but not required: Understanding of FedRAMP processes, government compliance nuances, and federal contractor requirements is a plus. * US Person Status: Must be a U.S. Citizen, U.S. National to meet federal compliance requirements.NICE TO HAVE
* Professional certifications: CISSP, CISM, CISA, CRISC, GRCP, or AWS Certified Security – Specialty. * Experience with AI governance frameworks (NIST AI RMF, ISO 42001) as emerging compliance requirements. * Background in DevSecOps or security operations with hands-on CI/CD and Infrastructure-as-Code experience. * Experience with SaaS-scale operations and rapid compliance scaling in high-growth environments. Current US Perks & Benefits: * Employer subsidized medical/vision and dental coverage for full-time employees * 401k Match to help you save for your future (50% of your contribution up to the first 6% of your eligible pay)- Monthly stipend to support your work and productivity
- Flexible Time Away Program, plus Sick Time Off
- US employees are automatically covered under Smartsheet-sponsored life
- US employees receive 12 paid holidays per year
- Up to 24 weeks of Parental Leave
- Personal paid Volunteer Day to support our community
- Opportunities for professional growth and development including access to
$205,000—$275,000 USD
Get to Know Us: At Smartsheet, your ideas are heard, your potential is supported, and your contributions have real impact. You’ll have the freedom to explore, push boundaries, and grow beyond your role. We welcome diverse perspectives and nontraditional paths—because we know that impact comes from individuals who care deeply and challenge thoughtfully. When you’re doing work that stretches you, excites you, and connects you to something bigger, that’s magic at work. Let’s build what’s next, together. Equal Opportunity Employer: Smartsheet is an Equal Opportunity (EEO) employer committed to fostering an inclusive environment with the best employees. It is our policy to provide equal employment opportunities to all qualified applicants in accordance with applicable laws in the US, UK, Australia, Germany, Costa Rica, Japan, Bulgaria, India, and Singapore. All qualified applicants will receive consideration without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information. If there are preparations we can make to help ensure you have a comfortable and positive interview experience, please let us know. #LI-Remote$110k - $130k
Perform risk and security assessments,... ...Communication Systems is a leading information... ...an immediate remote opening for a Senior Security Engineer(Penetration Testing/GRC Assessments) (must... ...As part of our team, you’ll be... ...candidates that are eligible to work in the United...Remote workTemporary workWork at officeImmediate startVisa sponsorshipAfternoon shift- ...for an experienced Engineering Manager within the Infrastructure... ...group to lead our Security Engineering team. Security... ...we are open to fully remote candidates within the... ...teams Advise crucial GRC, technical, and policy... ...Kubernetes platforms Remote-eligible roles (as indicated...Remote workFull timeTemporary workWork at officeLocal area1 day per week
- Weston & Sampson Engineers Inc is seeking an experienced Project Manager for its Drinking Water Program in Manchester, New Hampshire. The... ...will manage infrastructure projects, supervise project teams, and establish relationships with municipal clients. Qualified...Remote jobWork from home
$88.79k - $143.84k
Charles County Government is seeking an Engineering Supervisor to oversee civil engineering projects and manage an engineering team. The role requires a Bachelor’s degree in... ...La Plata, Maryland, and offers telework eligibility. #J-18808-Ljbffr University of Illinois,...Remote job- ...Principal Security Engineer Curative is building the future of health... ...we collaborate as a team. If you want to do... ...things. This is a remote position Key... ...and analyst toil Lead incident response for... ...paid parental leave, based on role eligibility....Remote workFull timeFlexible hours
$150k - $175k
The Manager, IT Security Engineering & Operations is responsible for leading and executing the organization... ...execution with team leadership. The... ...Security & GRC and works closely... ...in office, 2 days remote, depending on role... ...to team members; eligibility for certain benefits...Remote workTemporary workWork at officeFlexible hours$286.2k - $326.7k
...Sr. Director, Machine Learning Engineering (Remote-Eligible) Overview: At Capital One, we are creating responsible and reliable... ...build world-class applied science and engineering teams to deliver our industry leading capabilities with breakthrough product experiences...Remote workFull timePart timeLocal area$95.3k - $158.8k
...a week. Senior Security Engineer II - Compliance Automation... ...of RELX, is a leading global provider of... ..., and Compliance (GRC) foundation across... ..., and engineering teams to move the... ...various flexible and remote working options available... .... This job is eligible for an annual...Remote workWork at officeLocal areaFlexible hours2 days per week3 days per week$132.4k - $251.6k
...government issued security clearance is... .... citizens are eligible for a security... ...experience and renowned engineering expertise to... ...'s threat. Our team solves tough,... ...a Senior Principal Systems Security... ...Performing Task Lead duties (e.g., task... ..., hybrid or remote. The salary...Remote workTemporary workWork experience placementWork at officeRelocation packageFlexible hours- ...edge technologies to create scalable, secure, and user-friendly applications.... ...looking for a skilled SAP Security & GRC Engineer to join our dynamic team and contribute to our mission of transforming... ...& GRC Engineer Location: 100% Remote (Continental United States)...Remote workFull timeH1bLocal areaImmediate startVisa sponsorshipWork visa
$190k - $215k
...improving a jet engine’s speed to... ...Ohio facility or remote. Role Overview... ...are seeking a Principal Engineer, Compressor... ...with industry leading analytical... ...system design team. Ensure products... ...government issued security clearance is required... .... Citizens are eligible for a security...Remote workTemporary workWork experience placement- ...Information Systems Security Engineer The Information Systems... ...the compliance team that creates or updates... ...Risk and Compliance (GRC) system. The Information... ...project of a Medicaid eligibility system. Provide management... ...Coordinate and lead meetings with relevant...Remote work
$112.7k - $193.2k
...Join Our Team at Optum Optum is a global organization that... ...critical decisions on enterprise security policies Utilizing the... ...supervisory capacity, provide lead direction, ensuring the formulation... ...(all benefits are subject to eligibility requirements). No matter...Remote workMinimum wageFull timeWork experience placementLocal area- ...Security Engineering Lead Northwood is a modern space infrastructure company... ...platforms and mentoring a growing team. You will lead the... ...configurations to support secure remote access and site... ...by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations...Remote workPermanent employmentImmediate start
$130k
...Senior Security Engineer New York, NY, USA; San Francisco,... ...Engineer to join our team and operate across product... ...employees are also eligible for a bonus, competitive... ...Familiarity with GRC tools and frameworks... ...are part of our fully remote program, you'll stay engaged...Remote workFull timeWork at officeLocal areaNight shift$145.2k - $236.7k
...Lead Associate Principal Cloud Security Engineer Join our dynamic Security Engineering team as a Lead Associate Principal Cloud Security Engineer... ...to work with local and remote IT staff/management, vendors... ...All employees may be eligible for a discretionary bonus....Remote workLocal area2 days per week- ...Position Summary: The Director, Security Engineering is responsible for leading and advancing Inmar's... ..., product, and business teams to deliver scalable,... ...in Winston Salem, NC or remote within the continental US... ...lifestyles and life stages. Eligible associates have access to...Remote workTemporary workWork experience placementFlexible hours
$98.06k - $131.87k
...Time - Permanent Remote Employment:... ...hiring a Science and Engineering Unit Supervisor (Environmental... ...This position is eligible for telework and... .... Duties Lead the science and... ...multidisciplinary team of scientists and... ...and financial security a priority. We combine...Remote workPermanent employmentFull timePart timeFor contractorsWork experience placementInternshipWork at officeFlexible hoursShift work- ...Position Summary The Director, Security Engineering is responsible for leading and advancing Inmar’s... ..., product, and business teams to deliver scalable,... ...in Winston‑Salem, NC or remote within the continental US... ...vets. This position is not eligible for student visa sponsorship...Remote workWork experience placementFlexible hours
$244.7k - $279.2k
A leading financial services company is seeking a Director of Software Engineering. This remote-eligible position involves leading multiple software engineering teams, utilizing advanced technologies like AWS, and mentoring staff. Ideal candidates will have extensive experience...Remote work$78.02k - $119.19k
...Sargent & Lundy is a leading consulting engineering firm specializing... ...technical, hands-on Security Engineer who can... ...Engineering, Application teams, SOC, and GRC. Controls you build... ...Access (SASE) for remote users and sites:... ...compensation package for eligible positions will...Remote workHourly payWork at officeLocal areaFlexible hours3 days per week$200k - $275k
...Description Motional is a leading autonomous driving... ...and Performance team is the crucial... ..., self starting engineering leader to lead the... ...a hands-on Principal Engineer Team Lead... ...role can be fully remote. The salary range... ...certain positions are eligible to participate in...Remote workOdd jobWork at office$244.7k - $279.2k
A leading financial services company is seeking a Director of Software Engineering to lead remote teams in delivering high visibility software products. Candidates should have extensive... ...$244,700 - $279,200, and the role is eligible for performance-based incentives. #J-18...Remote work$110k - $130k
A leading IT consultancy is seeking a Senior Security Engineer to conduct penetration testing and security assessments. This remote position requires expertise in security tools and compliance frameworks, as well as a Bachelor's degree and relevant certifications. The role...Remote job- ...Principal Cyber Systems Engineer - Network Security Engineer III (26-212) At Northrop Grumman, our... ...(26-212) to join our team of skilled and diverse professionals... ...on-site work with no remote options. Position... ...position, employees may be eligible for overtime, shift...Remote workContract workWork experience placementRelocation packageFlexible hoursShift workNight shift
$244.7k - $279.2k
A leading financial services company is seeking a Director of Software Engineering to manage and grow multiple teams within a dynamic and remote-first environment. This role emphasizes leading high-impact... ...$244,700 and $279,200 and is eligible for performance-based...Remote work- ...A leading financial services company in Atlanta seeks a Director of Software Engineering to lead multiple teams and enhance software engineering practices. The ideal candidate will... ...deployment into AWS environments. This remote-eligible role also offers competitive...Remote work
$113.9k - $170.9k
...excellent opportunity for a Principal Cyber Systems Engineer - Network Security Engineer III (26-212) to join our team of skilled and diverse... ...requires on-site work with no remote options. Position Overview... ...position, employees may be eligible for overtime, shift...Remote workContract workWork experience placementRelocationFlexible hoursShift workNight shift$128.47k - $192.71k
## Engineering Team LeadApplylocations: Tucson, Arizonatime type: Full timeposted... ...**Engineering Team Lead** you will play a pivotal role... ....* Lead some field and remote performance studies – planning... ...*Benefits:**Subject to plan eligibility, terms, and guidelines. This...Remote workTemporary workPart timeRelocationFlexible hours- ...company is seeking a Director of Software Engineering who will lead and manage multiple product-focused engineering teams. The ideal candidate will have extensive experience... ...launching new products. This position is remote eligible and offers competitive salaries, incentives...Remote work
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Principal Security Engineer - GRC Team Lead (Remote Eligible). Be the first to apply!
- principal safety engineer United States
- associate director engineering United States
- principal cloud engineer United States
- assistant chief engineer United States
- optical engineer project manager United States
- principal security engineer United States
- director of process engineering United States
- director of product engineering United States
- principal developer United States
- chief building engineer United States


