Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Principal, GRC Automation and Cyber Risk

F5 Networks, Inc.

  • # Principal, GRC Automation and Cyber RiskApplyremote type: Hybridlocations: Seattle: San Josetime type: Full timeposted on: Posted Yesterdayjob requisition id: RP1037823At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation. Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive.The Principal, GRC Automation & Cyber Risk Quantification is a senior **engineering and strategic leadership** role responsible for designing, implementing, and scaling automated, data-driven cyber risk and GRC capabilities across the enterprise. This role blends deep cyber risk management expertise with **hands-on software engineering**, GRC platform architecture, workflow automation, **API development and systems integration**, and emerging AI-enabled and **Agentic c**apabilities to modernize how the organization manages risk, compliance, and governance at scale.Reporting to the VP, Cyber Governance, Risk & Compliance, this role serves as a force multiplier for the GRC organization, translating complex regulatory and risk frameworks into automated controls, continuous monitoring workflows, decision-ready dashboards, and audit-ready evidence. The principal is expected to **write, review, and own production-quality code** and partner closely with ERM, Engineering, IT, Legal, Privacy, Internal Audit, and Digital teams to embed risk intelligence directly into business and technology processes.## **Key Objectives*** Shift GRC from manual, point-in-time assessments to continuous, automated, and risk-informed execution by **leveraging purpose-built engineering solutions, Python-based tooling, and Agentic workflows.*** Enable executive and board-ready cyber risk insights grounded in quantitative and business-relevant data, **supported by automated data pipelines and integrations.*** Standardize and automate control mapping, testing, evidence collection, and risk reporting across frameworks and regulators **through scalable API-driven architectures.*** Act as the technical and architectural authority for ServiceNow IRM and adjacent GRC automation capabilities, **including custom-developed integrations and Agentic automation agents.**## **Primary Responsibilities**### **1. GRC Automation & Platform Architecture*** Design, build, and evolve end-to-end GRC automation across risk, compliance, policy, and issue management domains — **including writing and maintaining Python-based automation scripts, services, and tools.*** Integrate GRC workflows with source systems (cloud platforms, vulnerability tools, IAM, SDLC, third-party systems) **via RESTful APIs, webhooks, and event-driven integration patterns** to reduce manual effort and improve data quality.* **Architect and maintain a systems integration layer** connecting GRC platforms to enterprise data sources, enabling real-time risk signal ingestion and automated control validation.### **2. Cyber Risk Quantification & Decision Enablement*** Partner with Cyber Risk leadership to operationalize quantitative and scenario-based risk analysis (e.g., FAIR-aligned methods).* **Engineer automated pipelines** for ingesting threat, vulnerability, asset, and business context data to support risk-based prioritization, **leveraging Python data processing libraries (e.g., pandas, NumPy) integration APIs, and Agentic work flows.*** Enable financially grounded cyber risk outputs that inform: + Risk acceptance and investment decisions + Executive and board-level reporting + Program prioritization and roadmap planning### **3. Compliance Automation & Continuous Monitoring*** Translate regulatory and framework requirements into automated, testable, and traceable controls, **implementing these as code-driven workflows and API-integrated monitoring checks.*** Implement continuous control monitoring and evidence refresh to support ISO, SOX, SOC, and regulatory audits, **using automated evidence collection scripts and scheduled integrations.*** Reduce audit fatigue by standardizing artifacts, workflows, and control narratives across compliance programs.* Partner with Internal Audit and external auditors to improve transparency, timeliness, and defensibility of GRC outputs.### **4. AI-Enabled GRC & Agentic Development*** **Design, build, and deploy Agentic automation solutions** — autonomous AI-driven agents capable of reasoning across GRC data, identifying risks, triggering workflows, and recommending actions with minimal human intervention.* Identify and pilot AI-assisted capabilities to accelerate GRC outcomes, such as: + Control mapping and gap analysis + Risk scenario generation and prioritization + Policy-to-control alignment and impact analysis + **Agentic issue triage, intelligent remediation recommendations, and autonomous evidence collection*** **Develop and integrate LLM-based or agent-framework tooling** (e.g., LangChain, AutoGen, or comparable frameworks) into GRC workflows.* Ensure all AI-enabled and Agentic GRC use cases align with internal security, privacy, and governance standards.### **5. API and Systems Integration*** **Design, develop, and maintain RESTful and GraphQL APIs** that expose GRC data and capabilities to downstream consumers including dashboards, reporting tools, and integrated enterprise systems.* **Own the end-to-end systems integration architecture** connecting GRC platforms to security tools, cloud environments, HR systems, asset management, and third-party risk platforms.* Establish and enforce **API governance standards**, including versioning, authentication, documentation (OpenAPI/Swagger), and rate management.* **Build and maintain integration middleware, ETL pipelines, and event-driven connectors** to ensure consistent, reliable data flows across GRC systems.### **6. Stakeholder Partnership & Influence*** Serve as a trusted advisor to security, IT, engineering, and business leaders on risk-based automation, control design, **and engineering best practices for GRC tooling.*** Influence teams to embed GRC requirements directly into SDLC, cloud, procurement, and third-party workflows.* Translate technical implementations — **including architecture diagrams, API designs, and automation logic** — into clear, executive-ready narratives for leadership consumption.## **Knowledge, Skills & Abilities**### **Knowledge*** Deep understanding of cyber risk management and GRC frameworks (NIST CSF, NIST 800-53/171, ISO 27001, SOC 2, SOX).* Strong grasp of enterprise risk management (ERM) concepts and alignment.* Working knowledge of quantitative cyber risk analysis (FAIR or similar approaches).* Familiarity with audit, regulatory, and certification processes.* **Understanding of software engineering principles, API design patterns, and systems integration methodologies.*** **Knowledge of Agentic AI frameworks and multi-agent system design principles.**### **Skills*** Expertise designing and automating workflows within ServiceNow IRM or comparable GRC platforms.* **Proficient Python developer** — able to write clean, maintainable, production-ready code for automation scripts, data pipelines, API clients, and Agentic workflows.* **Experienced in API development and integration** — designing and consuming REST APIs, managing authentication (OAuth, API keys), and building integration layers.* **Demonstrated systems integration experience** — connecting heterogeneous enterprise systems through APIs, webhooks, message queues, or ETL frameworks.* **Hands-on experience with Agentic development** — building autonomous AI agents using frameworks.* Ability to translate abstract frameworks into practical, automated, and scalable implementations.* Strong systems thinking, connecting people, process, technology, and data.* Excellent written and verbal communication skills, including executive-level storytelling.### **Abilities*** Operate comfortably at both strategic and hands-on engineering levels.* Influence without authority in a highly matrixed environment.* Drive change from legacy/manual processes to modern, code-driven automated execution.* **Independently scope, build, and ship engineering solutions with minimal oversight.**## **Qualifications**### **Required*** Bachelor's degree in Cybersecurity, Information Systems, **Computer Science,** Engineering, Risk Management, or related field.* 10+ years of experience across cybersecurity, risk management, GRC, or security architecture roles — **with at least 3–5 years in a hands-on engineering or software development capacity.*** **Demonstrated Python programming proficiency** applied to automation, data processing, tooling, or security use cases.* **Proven API development and integration experience**, including designing, building, and consuming APIs in enterprise environments.* **Demonstrated systems integration experience**, connecting GRC, security, cloud, or enterprise systems at scale.* Demonstrated experience automating or scaling GRC, risk, or compliance programs using enterprise platforms.* Strong experience partnering with cross-functional technical and business teams.### **Preferred*** Master's degree in a related field.* Experience with FAIR or quantitative risk methods.* **Hands-on experience with Agentic AI development** — building and deploying autonomous agents for task automation, decision support, or workflow orchestration.* **Familiarity with LLM orchestration frameworks** (LangChain, LangGraph, AutoGen, CrewAI, or similar).* Experience with Python data and automation libraries (pandas, NumPy, FastAPI, Celery, Airflow, etc.).* **Experience with API gateway tooling, integration platforms (e.g., MuleSoft, Boomi, Workato), or message broker systems (Kafka, RabbitMQ).*** Hands-on experience with AI, data analytics, or workflow automation applied to GRC use cases.* Professional certifications (CISSP, CISM, CRISC, Open FAIR).## **Why This Role Matters**This role is foundational to advancing the organization's GRC maturity by reducing friction, increasing signal, and enabling leadership to make faster, better-informed risk decisions. It is a highly visible **engineering leadership** position with direct impact on executive confidence, audit outcomes, and enterprise risk posture. The ideal candidate is equally comfortable **writing Python code and building Agentic workflows** as they are presenting risk insights to a board of directors — a rare blend of engineering depth and strategic influence that will define the next generation of GRC capability.The Job Description is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change.The annual base pay for this position is: $167,200.00 - $250,800.00*F5 maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, geographic locations, and market conditions, as well as to reflect F5’s differing products, industries, and lines of business. The pay range referenced is as of the time of the job posting and is subject to change.**You may also be offered incentive compensation, bonus, restricted stock units, and benefits. More details about F5’s benefits can be found at the following link:** F5 reserves the right to change or terminate any benefit plan without notice.*
  • J-18808-Ljbffr F5 Networks, Inc.

Vacancy posted 3 days ago
Similar jobs that could be interesting for youBased on the Principal, GRC Automation and Cyber Risk in Seattle, WA vacancy
  • F5 Networks, Inc. is seeking a Principal in GRC Automation and Cyber Risk Quantification in Seattle. This senior role combines engineering and strategic leadership, focusing on designing, implementing, and scaling automated cyber risk capabilities. The candidate will work... 
    Cyber
    Principal
    Risk

    F5 Networks

    Seattle, WA
    3 days ago
  •  ...achieve more through innovation, automation, and intelligent insights....  ...knowledge and familiarity with GRC and Offensive Security consulting...  ...and frameworks like the cyber kill-chain. Ability to listen...  ...optimizes costs, and reduces risk. Presidio's expert technical team... 
    Cyber
    Risk
    For contractors
    Local area

    Presidio Networked Solutions, LLC

    Seattle, WA
    2 days ago
  • $119k - $193k

     ...research and deliver strategic advice for risk management leaders and their teams. The ideal...  ...methods; deep knowledge and expertise in cyber risk quantification; and deep experience...  ...management, internal or external audit, and GRC platforms is strongly desired. The... 
    Cyber
    Risk
    For contractors

    Phase2 Technology

    Seattle, WA
    2 days ago
  • Salesforce is looking for a Manager of Governance, Risk and Compliance Security Automation in Bellevue to lead automation in compliance processes. This...  .... The ideal candidate will have extensive experience in GRC, Cybersecurity, and Software Engineering, along with a strong... 
    Risk

    Salesforce

    Bellevue, WA
    3 days ago
  •  ...00 Salesforce, Inc. is seeking a Manager of Governance, Risk and Compliance Security Automation in Bellevue, WA. The ideal candidate will define automation...  ...a team focused on compliance. With at least 8 years in GRC or Cybersecurity, expertise in Apex, Java, SQL, and... 
    Risk

    100 Salesforce, Inc.

    Bellevue, WA
    5 days ago
  • $148.5k - $223.9k

     ...inc. in Bellevue is looking for a Manager of Governance, Risk and Compliance Security Automation. This role involves leading the design and deployment of...  ...candidates will have at least 8 years of experience in GRC or Cybersecurity, and proficiency in backend programming... 
    Risk

    salesforce.com, inc.

    Bellevue, WA
    10 days ago
  •  ...Analyst in Seattle, WA, to provide strategic advice and conduct research for risk management leaders. Candidates should possess strong knowledge of risk management practices and expertise in cyber risk quantification, along with superior presentation and analytical skills... 
    Cyber
    Risk

    Phase2 Technology

    Seattle, WA
    3 days ago
  • $215.07k - $220.07k

     ...T-Mobile USA, Inc. seeks Principal Program Manager in Bellevue, WA to own and manage fraud...  ...cross-functional execution across IT, Risk, Cyber, Internal Audit, Compliance, Retail Op,...  ...services for AI driven controls, automated transaction monitoring, and machine learning... 
    Cyber
    Principal
    Risk
    For contractors
    Work experience placement
    Remote work
    3 days per week

    T-Mobile

    Bellevue, WA
    3 days ago
  • $153.6k - $192k

     ...spend effortlessly. the company’s AI-native automation and world-class service eliminate manual...  ...What you’ll do the company’s Governance, Risk, and Compliance function is at an...  ...expertise with technical execution. As a Senior GRC Engineer, you will drive critical GRC... 
    Risk
    Work at office
    Immediate start
    Remote work
    Work from home

    United States Digital Space LLC

    Seattle, WA
    1 day ago
  • $115k - $250k

    Cloud - Principal Technical Product Manager - (Seattle, WA) Seattle, Washington, United States...  ...solutions, proactively guard against cyber threats, and leverage machine learning alongside...  ...solutions in Artificial Intelligence, risk management, big data, mobile and more.... 
    Cyber
    Principal
    Risk

    Goldman Sachs Group, Inc.

    Seattle, WA
    4 days ago
  • $197.85k - $276.99k

     ...Principal Technical Product Manager For Factory Automation At Blue Origin, we envision millions of people living and working in space for the benefit of Earth...  ...Release & Change Management at Scale: Lead strategic risk mitigation and readiness activities to ensure... 
    Principal
    Risk
    Permanent employment
    Temporary work
    Relocation

    Central Body Service Inc

    Seattle, WA
    4 days ago
  • $120k - $175k

     ...Technology Cyber Security Architect Cooley is seeking a Cyber Security Architect to...  ...AI integrations Identify and mitigate risks related to AI systems, such as data leakage...  ...emerging technologies, including AI and automation platforms Extensive knowledge and understanding... 
    Cyber
    Risk
    Full time
    Temporary work
    Work at office
    Flexible hours
    Weekend work

    Cooley

    Seattle, WA
    3 days ago
  • $166k - $203k

     ...security, HackerOne delivers measurable, continuous reduction of cyber risk for enterprises. Industry leaders, including Anthropic, Crypto...  ...components that enhance vulnerability detection and security automation. Demonstrate First Principles Problem Solving by breaking... 
    Cyber
    Risk
    Apprenticeship
    Work at office
    Local area
    Remote work
    Flexible hours
    Shift work
    1 day per week

    HackerOne

    Seattle, WA
    4 days ago
  • $205k - $235k

     ...value enhancement, as well as advise on risk mitigation and the successful change of operations...  ...Infrastructure and cloud architecture Cyber and IAM architecture Digital Technology...  ....e., advanced analytics, robotic process automation, virtual reality) Cloud SaaS or PaaS (... 
    Cyber
    Risk
    Contract work
    Work experience placement
    Summer holiday
    Work at office
    Flexible hours
    Night shift

    EY

    Seattle, WA
    5 days ago
  • $215k - $250k

     ...in 2015 by experts from U.S. Cyber Command and MIT Lincoln Laboratory...  ...today! Summary As a Principal Product Manager at SimSpace,...  ...organizations defend, operate, automate, and make decisions. As...  ...implementation approaches, and delivery risks. Manage the product... 
    Cyber
    Principal
    Risk
    For subcontractor
    Work at office
    Local area
    Remote work
    Worldwide
    Flexible hours

    GrabJobs

    Seattle, WA
    1 day ago
  • $62.59 - $93.9 per hour

     ...and power plant facility operations and automation. The OT infrastructure platform is a fundamental...  ...server platforms, and associated cyber‑security technologies. If you enjoy working...  ...of Operational Technology trends, risks and security methods. Strong understanding... 
    Cyber
    Risk
    Hourly pay

    Koitecc Solutions

    Seattle, WA
    3 days ago
  • $112k - $154k

     ...purpose and pride. Your Role in the U.S. - Principal Software Development Engineer in Test...  ...requires an analytical approach to identify risks and opportunities for innovation quickly...  ...needs to design, develop, and maintain automated and manual test cases. Design, implement... 
    Principal
    Risk
    Temporary work
    Local area
    Flexible hours

    Zvh

    Bellevue, WA
    3 days ago
  • $205k - $235k

     ...value enhancement, as well as advise on risk mitigation and the successful change of operations...  ...Infrastructure and cloud architecture Cyber and IAM architecture Digital Technology...  ....e., advanced analytics, robotic process automation, virtual reality) Cloud SaaS or PaaS (... 
    Cyber
    Risk
    Full time
    Contract work
    Work experience placement
    Summer holiday
    Work at office
    Flexible hours
    Night shift

    EY

    Seattle, WA
    1 day ago
  • $124.9k - $229.1k

     ...Risk Consulting - Risk Technology - GRC/IRM Platforms - Manager Location: New York Other locations: Anywhere...  ...changes, regulatory reforms, and cyber threats. Organizations are increasingly...  ...technology to simplify governance, automate compliance, and deliver forward-... 
    Cyber
    Risk
    Work experience placement
    Work at office
    Flexible hours

    EY

    Seattle, WA
    4 days ago
  • Dormont Manufacturing Co is seeking a Senior GRC Engineer to join our Seattle team. You will bridge compliance...  ...technical execution, driving GRC processes to mitigate risk and ensure compliance. You’ll build automated systems to support security frameworks including SOC... 
    Risk
    Remote work
    Flexible hours

    Dormont Manufacturing Company

    Seattle, WA
    1 day ago
  • $175k - $285k

     ...Senior/Principal Product Manager, AI Seattle, WA (Remote) About...  ...Founded in 2013 by security and risk experts Dr. Alex Yampolskiy...  ..., board reporting, and cyber insurance underwriting; making...  ...opportunities to embed intelligent automation into existing workflows,... 
    Cyber
    Principal
    Risk
    Temporary work
    Immediate start
    Remote work

    SecurityScorecard

    Seattle, WA
    5 days ago
  • $77 - $84 per hour

    A leading consulting firm is seeking a Program Manager - GRC (Governance, Risk & Compliance) for a 4-month contract in Bellevue, WA. This hybrid role involves overseeing compliance standards, conducting audits, and collaborating with departments to mitigate risks. The ideal... 
    Risk
    Contract work

    eTeam

    Bellevue, WA
    4 days ago
  •  ...fill four Security Analyst/Senior Security Analyst (Technical Cyber Risk Management) positions. These roles report to an information security...  ...functions and processes. Act as a power user of Cybersecurity GRC solutions, specifically ServiceNow and Archer. Coordinate with... 
    Cyber
    Risk
    Contract work

    International Monetary Fund

    Seattle, WA
    3 days ago
  • $90k - $100k

     ...Cybersecurity Analyst to advance our Human Cyber Risk Management program while supporting...  ...exposure to both security awareness and GRC functions Demonstrated experience running...  ...privileged principles Familiarity with automation and scripting to support security and risk... 
    Cyber
    Risk
    Visa sponsorship

    Dormont Manufacturing Company

    Seattle, WA
    2 days ago
  • $153.6k - $192k

    Brex is seeking a Senior GRC Engineer in Seattle to drive critical Governance, Risk, and Compliance processes. This role involves automating security controls and building integrations to maintain compliance as Brex expands. Candidates should have over 5 years of experience... 
    Risk

    Brex

    Seattle, WA
    2 days ago
  • Join DigitalOcean, LLC as a Senior GRC Analyst, responsible for architecting ISO compliance frameworks and leading compliance initiatives...  ...candidate will have over 5 years of GRC experience, knowledge of risk management practices, and strong project management skills. This... 
    Risk

    DigitalOcean, LLC

    Bellevue, WA
    1 day ago
  • Program Manager - GRC (Governance, Risk & Compliance) Location: Bellevue, WA, 98006 Duration: 04 months contract Pay Range: $77.00/hr - $84.00/hr on W2 all-inclusive without benefits Hybrid Role: 2 days remote, 3 days in office Seniority level: Not Applicable Employment... 
    Risk
    Contract work
    Work experience placement
    Work at office
    Remote work

    eTeam

    Bellevue, WA
    5 days ago
  •  ...required IS vulnerability scans according to risk assessment parameters Manage the risks to...  ...to the Governance, Risk, and Compliance (GRC) application to support security control...  ...Computer Science, Cybersecurity, or other cyber discipline Clearance Requirements: Must... 
    Cyber
    Risk
    Work at office

    慨正橡扯

    Seattle, WA
    3 days ago
  • $148.9k - $271.5k

     ...Principal Strategist Adobe is at the forefront of digital innovation, raising the bar...  ...business case, compelling vision, competitive risks, etc.). ~ Strong people leader who...  ...enterprise content supply chain, marketing automation, CRM, account-based marketing, paid... 
    Principal
    Risk
    Temporary work
    Worldwide

    Adobe

    Seattle, WA
    4 days ago
  • $176.9k - $239.4k

     ...Principal Technical Infrastructure Program Manager We're seeking exceptional talent to...  ...advanced robotics systems that will transform automation at Amazon's scale. We're building...  ...reporting tools for visibility on progress, risks, changes, and mitigation strategies... 
    Principal
    Risk
    Flexible hours

    Amazon Technologies, Inc.

    Seattle, WA
    5 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Principal, GRC Automation and Cyber Risk. Be the first to apply!