Security GRC Engineer
$120k - $160kCWILL
About Us
CWILL a fast-growing Shopify SaaS startup company serving global (primarily US/EU) merchants. With strong product-market fit and expanding US operations, we are building our local security and compliance capabilities to meet global data privacy standards.
Role Overview
We are looking for a Security GRC (Governance, Risk, and Compliance) Engineer to drive data compliance governance and audit execution.
This role focuses on building practical, enforceable, and auditable controls around data access, data lifecycle, product data usage, and cross-border data flows.
This is a hands-on, execution-focused role working directly with data systems and audit processes (not a policy-only role).
Responsibilities
1. Data Compliance Governance
- Support US data compliance requirements (e.g., CCPA, EO 14117)
- Perform gap analysis and define remediation plans
- Design and implement controls for: sensitive data classification, access governance, data lifecycle management
- Build processes for data subject rights (deletion, access, portability)
- Participate in product and engineering reviews (e.g., DPIA)
- Support compliance for new features, data use cases, and vendor/cross-border scenarios
2. Compliance & Audit Execution
- Support SOC 2 readiness and audit execution
- Conduct access reviews, log validation, and anomaly detection
- Maintain audit records and generate compliance reports
- Build or improve automated evidence collection (e.g., scripting)
- Work with internal teams and external auditors to provide audit evidence
Requirements
This is a hands-on, execution-focused role working directly with data systems and audit processes (not a policy-only role).
1. Must-have:
- Authorized to work in the United States
- Mandarin preferred for day-to-day collaboration
- Bachelor’s degree or above in Computer Science, Information Security, or a related technical field
- 3–5 years of experience in Security, GRC, Data Security, or Data Compliance
- Hands-on experience with at least one compliance framework (e.g., SOC 2, CCPA, GDPR, 14117), beyond policy or documentation
- Practical experience in data compliance governance, including: sensitive data identification and classification, access control and access governance, data lifecycle management (storage, usage, deletion, portability)
- Ability to work with data systems (e.g., databases, data flows, APIs) and translate compliance requirements into technical implementations
- Basic technical capability (e.g., Python, Golang, or scripting) to support audit automation, data validation, or tooling
- Strong cross-functional communication skills, with the ability to work closely with engineering, product, data, and infra teams
2. Nice-to-have:
- Relevant certifications such as CISSP, CISM, or CIPP/US
- Experience in SaaS / e-commerce platforms (e.g., Shopify ecosystem) or third-party integrations
- Background in data governance, data platforms, or analytics
- Familiarity with cross-border data transfer compliance
- Understanding of web accessibility standards (e.g., WCAG, ADA) and related privacy/security considerations
Language:
- Mandarin (Required)
Benefits
Pay: $120,000.00 - $160,000.00 per year
- 401(k) matching
- Flexible schedule
- Health insurance
- Paid time off
- Vision insurance
Vacancy posted 15 hours ago
Similar jobs that could be interesting for youBased on the Security GRC Engineer in United States vacancy
- ...Security Engineer - GRC We are seeking a skilled professional to join our team for a 6-month contract role focused on Data Loss Prevention (DLP) within the cybersecurity and data security domain. Required Skills & Qualifications Experience in cybersecurity,...SuggestedContract workWork experience placement
Artech
Tampa, FL15 hours ago - ...Job Title: Security Engineer - GRC Job Locations: Remote Pay Rate: $30 - $37/hr on W2 (all inclusive) Duration:6+ Months Job ID: 78224-1 Applicants must be willing to work on W2 - (No OPT/CPT) Introduction This position is for a Security Engineer...SuggestedWork experience placementImmediate startRemote work
Artech
Jacksonville, FL15 hours ago $153k - $214k
...mission is to unleash employee productivity without compromising security by ensuring every identity is authentic, every application... ...is designed. 1Password is looking for a Senior Security Engineer - GRC Controls and Audit to serve as the technical and methodological...SuggestedCurrently hiringLocal areaImmediate startRemote workWork from homeShift work1Password
United States2 days ago$110k - $130k
...Perform risk and security assessments, design secure infrastructure architectures, and enhance communication. Structured Communication... ...has an immediate remote opening for a Senior Security Engineer(Penetration Testing/GRC Assessments) (must be available to work Pacific Time Zone...SuggestedTemporary workWork at officeImmediate startRemote workVisa sponsorshipAfternoon shiftSTRUCTURED HOME NETWORKS INC.
Richmond, VA2 days ago- ...GRC Security Engineer, Federal & Public Sector Engineering · Full-time · San Francisco Our mission is to automate coding. The first step in our journey is to build the best tool for professional programmers, using a combination of inventive research, design, and...SuggestedFull time
Anysphere
San Francisco, CA10 days ago $163.94k - $215.18k
...Hi, we're Oscar. We're hiring a Senior Security Engineer 1, GRC to join our Security Team. Oscar is the first health insurance company built around a full stack technology platform and a relentless focus on serving our members. We started Oscar in 2012 to create the...Full timeWork at officeFlexible hoursOscar Health
New York, NY4 days ago$124k - $150k
...information about American Home Shield and Frontdoor, please visit frontdoorhome.com. Responsibilities Summary: As an L5 Sr Security Engineer in IT GRC at Frontdoor, you will serve as an advanced practitioner that can lead complex security, risk, and compliance initiatives...Full timeFor contractors- ...Orrick, Herrington & Sutcliffe LLP is seeking an IT Security Engineer for Governance Risk & Compliance (GRC), providing data protection and privacy support. The role is available in any U.S. offices, including remote options. Responsibilities include maintaining security...Remote work
Orrick
New York, NY6 days ago - ...PRIMARY FUNCTION: Design, implement, audit, and maintain governance, risk management, and compliance (GRC) controls for the organization's information security program aligned to the National Institute of Standards and Technology (NIST), the Center for Internet...
KYOCERA AVX Greenville LLC
Fountain Inn, SC4 days ago - ...Title: Information Security Engineer with GRC(Data Loss Prevention) Duration - 13+ Months Location - Charlotte, NC/Chandler, AZ/Dallas, TX Required skills: Looking for Sr. Information Security Engineer to join our Enterprise Data Loss...
campus4tech
Charlotte, NC4 days ago $100k - $150k
...their operations. We leverage cutting-edge technologies to create scalable, secure, and user-friendly applications. As we continue to grow, we're looking for a skilled SAP Security Engineer (GRC - Technical) to join our dynamic team and contribute to our mission of...Full timeH1bLocal areaImmediate startRemote workVisa sponsorshipWork visaBright Vision Technologies
United States1 day ago- ...Role:- SAP Security Engineer- MRP, GRC, DOE Location:- Newtown Square, PA( Hybrid/ Travel) Mode of Hire:- FTE/Subcon Visa:- US Citizens + Security Clearance nice to have JD SAP Security Engineer Position Overview The SAP Security Engineer will design...Remote work
Yantran LLC
Newtown Square, PA15 hours ago $182k - $273k
...helps GoDaddy identify, assess, and address security risk across the business. We lead... ...governance initiative, partner broadly across engineering and security teams, and drive meaningful... ...you'll get to do... Support a team of GRC compliance specialists in helping to...Full timeTemporary workSecond jobWork at officeLocal areaRemote workWork from homeFlexible hours$125k - $170k
...LE038 Second Sight Solutions, LLC is seeking a Security Engineer specializing in Compliance to strengthen its security team. This role involves managing compliance frameworks and supporting audit efforts across the organization. The ideal candidate will have over 5 years...Remote workLE038 Second Sight Solutions, LLC
New York, NY3 days ago$110k - $130k
...A leading IT consultancy is seeking a Senior Security Engineer to conduct penetration testing and security assessments. This remote position requires expertise in security tools and compliance frameworks, as well as a Bachelors degree and relevant certifications. The role...Remote workSTRUCTURED HOME NETWORKS INC.
United States3 days ago- O.C. Tanner Company in Salt Lake City is seeking an Applications Security and Compliance Engineer to implement and manage the Drata GRC platform. This role includes optimizing integrations, supporting compliance metrics, and enhancing application security using tools like...
- ...Senior Systems Engineer SAP Security & GRC, immediate start. I am working with a Pharmaceutical client with an urgent requirement for a Senior Systems Engineer to own and drive their SAP Security & GRC roadmap across S/4HANA and adjacent platforms (Ariba, MDG, BTP)....Immediate startRemote work
CLOUDSCOUTS SOFTWARE SOLUTIONS LLC
Frisco, TX4 days ago - A leading staffing firm is seeking a Senior Governance, Risk, and Compliance (GRC) Analyst / Engineer. In this role, you will work on security best practices and compliance for cutting-edge robotic delivery solutions. You'll assess risks related to financial and IT systems...Remote work
Prestige Staffing
New York, NY11 days ago - ...SAP GRC Security Architect Fulltime remote. Must have technical/functional skills: ~10 years strong experience in SAP Security supporting global enterprise environments. ~ Deep expertise in SAP ECC and S/4HANA platforms including ABAP, FIORI, BTP applications...Full timeWork at officeLocal areaRemote work3 days per week
Diverse Lynx
United States4 days ago - ...Information Security GRC Engineer The Engineer, Information Security GRC is part of a team responsible for the global Information Security program. The role would gain exposure to the full suite of businesses and products which underpin the Parent ICE company. Information...Work experience placement
Intercontinental Exchange
Atlanta, GA3 days ago - ...Senior IT Security Specialist – GRC Responsibilities: Respond to security assessments, questionnaires and audits from clients and third... ...Compliance (GRC) tool management (Administrative and/or Engineering) is preferred. ~ Client focus, including tact and diplomacy...Remote work
1872 Consulting
Chicago, IL3 days ago - ...SAP GRC Security Architect The Opportunity SAP GRC Security Architect at a growth-oriented energy company Play a crucial role in ensuring the integrity, confidentiality, and availability of our SAP systems Be responsible for designing, implementing, and managing security...Visa sponsorship
Par Pacific Holdings, Inc.
Houston, TX3 days ago - ...Role:- SAP Security Architect - GRC S/4HANA Location:- Fremont, CA( Hybrid look for locals) Mode of Hire:- FTE/Subcon Visa:- Any JD 5. SAP Security Architect Required skills: SAP security roles and authorizations Strong SAP security architecture...Local area
Yantran LLC
Fremont, CA15 hours ago - ...SAP S/4HANA Security Architect Lead the design, implementation of security and governance solutions within the SAP S/4HANA landscape. Requires expertise in SAP security architecture, GRC frameworks, and compliance standards. Play a key role in ensuring secure and compliant...
JConnect Infotech
Waltham, MA3 days ago $11 - $14 per hour
...workflows, role catalogs, and access governance controls Perform security testing, access audits, and remediation activities Review and... ...(PFCG), and authorization concepts • Knowledge of GRC Access Control modules including Access Risk Analysis (ARA),...Insight Global
Atlanta, GA15 hours ago- ...You are the owner of the information security management system (ISO 27001) within the... ...quality management system (QMS). This is a GRC/compliance security position with a health... ...business. Your impact: You are the engine that allows Resilience to develop serenely...Remote work
Resilience Care
United States2 days ago - ...NATIONMIND LLC, a technology consulting firm, is seeking a skilled GRC Consultant to join our remote team. The role involves expertise in RSA Archer and knowledge of security frameworks to enhance information security and compliance. The ideal candidate should possess...Remote work
NATIONMIND LLC
United States2 days ago - Working Location: Pennsylvania, Center Valley; Massachusetts, Westborough Workplace Flexibility: Hybrid Job Duties The Senior IT Security GRC Analyst (Global) is accountable for the following core responsibility areas. Responsibilities are global in scope, with...Work experience placementLocal area
- ...through autonomous and intelligent platforms. Security at Saronic is a force multiplier. We're seeking a Security Engineer at the senior-level or above to own the product... ...is a hands-on security engineering role; not a GRC or project management role. No single...Permanent employmentContract workTemporary workWork at office
Saronic Technologies
Austin, TX3 days ago $169.15k - $191.25k
.... Come be a part of our journey! The Security Team is responsible for providing key security... ..., incident response, detection and GRC. Our team is looking for an experienced,... ...with other security functions, engineering, product, support, business operations to...Local areaRemote workHome officeFlexible hoursClickHouse
United States15 hours ago
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Security GRC Engineer. Be the first to apply!
Related searches
- sr information security engineer United States
- security engineer intern United States
- senior application security engineer United States
- security solutions engineer United States
- associate security engineer United States
- azure security engineer United States
- principal security engineer United States
- security engineering manager United States
- aws cloud security engineer United States
- dlp security engineer United States