GRC Engineer
$130kFull-time
Charlie Health
WHY CHARLIE HEALTH?
Millions of people across the country are navigating mental health conditions, substance use disorders, and eating disorders, but too often, they’re met with barriers to care. From limited local options and long wait times to treatment that lacks personalization, behavioral healthcare can leave people feeling unseen and unsupported. Charlie Health exists to change that. Our mission is to connect the world to life-saving behavioral health treatment. We deliver personalized, virtual care rooted in connection—between clients and clinicians, care teams, loved ones, and the communities that support them. By focusing on people with complex needs, we’re expanding access to meaningful care and driving better outcomes from the comfort of home. As a rapidly growing organization, we're reaching more communities every day and building a team that’s redefining what behavioral health treatment can look like. If you're ready to use your skills to drive lasting change and help more people access the care they deserve, we’d love to meet you. About the Role The GRC Engineer is responsible for transforming Charlie Health’s compliance, risk and control programs into automated, measurable and continuously monitored systems. This is a hands-on engineering role focused on building the technical foundations that support HIPAA, SOC 2, NIST and other compliance requirements. This role will partner closely with Information Security, IT Engineering, Compliance, Legal, Engineering and business teams to translate regulatory, contractual and risk requirements into automated controls, evidence pipelines, dashboards, workflows and continuous control monitoring. Our Information Security and IT organizations treat compliance as an engineering discipline. We value ownership, automation, measurable outcomes, reliability, auditability and continuous improvement. The GRC Engineer will help move Charlie Health from manual, point-in-time compliance activities toward scalable, system-driven assurance. Charlie Health operates in a highly regulated healthcare environment. This role will help ensure that controls protecting patient, clinician, employee and company data are well-designed, consistently operated and supported by reliable evidence.RESPONSIBILITIES
COMPLIANCE ENGINEERING & CONTROL AUTOMATION
* Design, build and operate automated controls that support HIPAA, SOC 2, NIST, ISO 27001 and other applicable frameworks * Translate compliance requirements into technical control logic, workflows, integrations, dashboards and evidence pipelines * Build scalable systems that reduce manual compliance work and improve confidence in control effectiveness * Partner with Security, IT, Compliance and Engineering teams to embed control requirements into systems and operating processesCONTINUOUS CONTROL MONITORING
* Build and maintain continuous control monitoring capabilities across identity, endpoints, cloud, SaaS platforms, security tools and business systems- Define control health metrics, thresholds, alerts and reporting mechanisms
- Identify control gaps, exceptions and drift, then partner with control owners
EVIDENCE AUTOMATION & AUDIT READINESS
* Automate audit evidence collection across systems such as Okta, Google Workspace, Jamf, Intune, SentinelOne, Wiz, AWS, Jira, Confluence, Slack and GRC platforms * Build repeatable evidence workflows that support HIPAA, SOC 2, customer due diligence, vendor assessments and internal risk reviews- Improve the quality, consistency and traceability of audit evidence
- Partner with Compliance, Legal and external auditors to reduce audit burden
GRC SYSTEMS, INTEGRATIONS & REPORTING
* Configure and improve GRC platforms, compliance tools, ticketing systems, documentation repositories and reporting workflows * Build integrations between GRC systems and source systems of record using APIs, webhooks, scripts and workflow automation tools * Develop dashboards and reports that show control health, remediation status, audit readiness and risk trends * Maintain documentation for control logic, data sources, automations and operational proceduresRISK, REMEDIATION & EXCEPTION MANAGEMENT
* Support risk and control assessments by providing technical analysis, control evidence and remediation tracking * Build workflows for risk acceptance, exception management, corrective action plans and control remediation * Partner with control owners to ensure findings are tracked, prioritized and resolved * Help define metrics that measure risk reduction, compliance maturity and control reliabilityAI GOVERNANCE & EMERGING COMPLIANCE AUTOMATION
* Help evaluate how AI tools, LLM platforms and AI-enabled workflows affect compliance, privacy and security requirements * Support governance controls for enterprise AI adoption, including access, logging, data protection, review workflows and evidence collection * Identify opportunities to use automation and AI responsibly to improve GRC operations * Stay current on emerging approaches to compliance automation, continuous assurance and AI-enabled GRCREQUIRED QUALIFICATIONS
* 3+ years of experience in GRC engineering, security engineering, compliance automation, IT risk, security operations, cloud security, infrastructure engineering or a related technical discipline * Hands-on experience translating compliance, risk or security requirements into technical controls, workflows or automations * Experience with frameworks such as HIPAA, SOC 2, NIST, ISO 27001, HITRUST, PCI or FedRAMP * Experience working with enterprise systems such as Okta, Google Workspace, AWS, Jamf, Intune, SentinelOne, Wiz, Jira, Confluence, Slack or similar platforms * Experience using APIs, scripting or workflow automation tools such as Python, Bash, PowerShell, Workato, Terraform, REST APIs, webhooks or JSON * Experience with audit evidence collection, control testing, remediation tracking or compliance reporting * Familiarity with GRC platforms, compliance automation tools, ticketing systems or control monitoring systems * Strong understanding of access control, endpoint security, cloud security, logging, vulnerability management and data protection concepts * Ability to work cross-functionally with Security, IT Engineering, Compliance, Legal and business stakeholders * Strong analytical thinking, ownership and ability to operate independently in ambiguous environmentsPREFERRED QUALIFICATIONS
- Experience in healthcare or other regulated environments
- Experience supporting HIPAA, SOC 2, NIST, HITRUST, ISO 27001 or similar
BENEFITS
Charlie Health is pleased to offer comprehensive benefits to all full-time employees. Read more about our benefits here [ Additional Information The total target base compensation for this role will be between $130,000 and $175,000 per year at the commencement of employment. Please note, pay will be determined on an individualized basis and will be impacted by location, experience, leveling, expertise, internal pay equity, and other relevant business considerations. Further, cash compensation is only part of the total compensation package, which, depending on the position, may include stock options and other Charlie Health-sponsored benefits.OUR VALUES
- Connection: Care deeply & inspire hope.
- Congruence: Stay curious & heed the evidence.
- Commitment: Act with urgency & don’t give up.
HELP.
Vacancy posted 22 hours ago
Similar jobs that could be interesting for youBased on the GRC Engineer in United States vacancy
- F5 Networks, Inc. is seeking a Principal in GRC Automation and Cyber Risk Quantification in Seattle. This senior role combines engineering and strategic leadership, focusing on designing, implementing, and scaling automated cyber risk capabilities. The candidate will work...Suggested
$300k - $320k
Anthropic is seeking a GRC/Compliance Engineer to join the Risk Management team in San Francisco. This role involves designing automated workflows, building data pipelines, and implementing GRC systems to enhance compliance processes. The ideal candidate will have 5-7 years...SuggestedFlexible hours$130k - $145k
NinjaTrader in Chicago is looking for a mid-level GRC Engineer to enhance its compliance program through automation. In this hands-on role, you'll integrate compliance workflows and run audits across SOC 2, ISO 27001, and SOX. The ideal candidate has 3-5 years of experience...Suggested- Dormont Manufacturing Co is looking for a GRC/Compliance Engineer to join our Risk Management team in San Francisco, California. This role involves designing and implementing workflows and data pipelines to enhance our compliance programs, as well as integrating various...SuggestedFlexible hours
- Brex LLC is seeking a Senior GRC Engineer based in San Francisco to drive critical Governance, Risk, and Compliance processes. This role emphasizes automating security controls and integrating security tools, ensuring compliance as the company expands. Candidates should...Suggested
$153.6k - $192k
United States Digital Space LLC is seeking a Senior GRC Engineer to strengthen compliance and risk management processes. The role involves automating controls, translating regulatory requirements into technical solutions, and contributing to the maturation of security...Work at officeRemote work$153.6k - $192k
A financial technology company based in New York is looking for a Senior GRC Engineer. The role involves automating compliance processes, supporting risk management initiatives, and collaborating with technical teams to ensure compliance in a growing hybrid environment...- United States Digital Space LLC is looking for an experienced software engineer to develop the platform supporting governance, risk, and compliance (GRC). You will build and integrate various systems to provide real-time compliance insights and support efficient decision...
$153.6k - $192k
United States Digital Space LLC is seeking a Senior GRC Engineer based in San Francisco to enhance its Governance, Risk, and Compliance function. You will automate compliance workflows and support Trust Assurance initiatives. Collaboration with engineering and product...Work at office$300k - $320k
...whole. Our team is a quickly growing group of committed researchers, engineers, policy experts, and business leaders working together to build beneficial AI systems. About the Role We are seeking a GRC/Compliance Engineer to join our Risk Management team and build the...Full timeWork at officeVisa sponsorshipFlexible hours- An established industry player is seeking a seasoned ServiceNow Developer with over 9 years of experience. This role focuses on GRC modules, Continuous Authorization, and Monitoring, where you will develop and maintain custom applications. You will leverage your strong...
$207k - $300k
Google Inc. seeks a Staff Software Engineer to develop AI-powered Governance, Risk, and Compliance automation. Ideal candidates should have... ...technical strategies and leading the implementation of critical GRC functions. The position offers a competitive salary of $207,000-...$207k - $300k
Staff Software Engineer, AI-Powered GRC Automation Apply In accordance with Washington state law, we are highlighting our comprehensive benefits package, which is available to all eligible US based employees. Benefits for this role include: Health, dental, vision, life...Full timeTemporary work- ...Senior Systems Engineer SAP Security & GRC, immediate start. I am working with a Pharmaceutical client with an urgent requirement for a Senior Systems Engineer to own and drive their SAP Security & GRC roadmap across S/4HANA and adjacent platforms (Ariba, MDG, BTP)....Immediate startRemote work
$138.21k - $172.76k
...directly enabling the Accelerating the Arches strategy. Department Overview We are seeking a highly skilled Cybersecurity Engineer III to join our GRC team. In this role, you will play a pivotal part in ensuring the security, compliance, and risk management of our...Local areaFlexible hoursShift work- Zania is looking for a GRC Engineer to build relationships with enterprise customers and ensure their success with our AI-driven compliance solutions. The role involves setting clear success goals, driving implementation projects to completion, and acting as a compliance...
- Klaviyo Inc. is seeking a highly motivated Senior Security Compliance Engineer to join our Security Trust & Compliance team. This individual will design and optimize automated solutions to enhance compliance operations and manage risks across all systems. The ideal candidate...
$148k - $175k
...third year in a row. In 2022, Ro was listed as a CNBC Disruptor 50. +The Role: The Governance Risk and Compliance Engineer role will be a core member of Ro’s GRC team. This is a remote, Individual Contributor role. The GRC team enables Ro to manage risk by vigorously...Local areaRemote workFlexible hours$82.6k - $162.8k
...SAP Security and GRC Access & Process Control Consultant / Security Engineer II Our Deloitte Cyber team helps organizations address cybersecurity challenges while enabling business growth and resilience. As part of this team, you will support clients in navigating an...Visa sponsorship$153k - $214k
...digital future. Trust is earned — and we’re building the systems to earn it at scale. 1Password is looking for a Senior Security Engineer – GRC Automation to design and implement automation, dashboards, and integrations that power our Governance, Risk, and Compliance (...Remote jobFull timeCurrently hiringLocal areaImmediate startWork from home- ...responsible for configuring ServiceNow solutions and participating in agile sprints. This position requires strong skills in developing GRC modules and system integrations. The company values diversity and is committed to equal employment opportunities. #J-18808-Ljbffr...
- Dormont Manufacturing Co is seeking a Senior GRC Engineer to join our Seattle team. You will bridge compliance expertise with technical execution, driving GRC processes to mitigate risk and ensure compliance. You’ll build automated systems to support security frameworks...Remote workFlexible hours
- Basis is seeking a Compliance Manager to oversee compliance programs such as SOC and ISO standards. This role emphasizes building GRC systems, automating workflows through AI, and ensuring effective vendor risk management. The ideal candidate will have hands-on experience...
$153.6k - $192k
United States Digital Space LLC is looking for a Senior GRC Engineer in Seattle. This role involves driving GRC processes to ensure compliance while automating security controls and building integrations with engineering teams. Candidates should have a strong background...Work at officeRemote workFlexible hours$108.45k - $173.55k
Nintendo is seeking a GRC Engineer to enhance compliance processes within its IT Security department. This early-to-mid-career role involves conducting cybersecurity risk assessments, supporting compliance with regulations, and improving GRC workflows through automation...$108.45k - $173.55k
Job Summary This role is within Nintendo of America (NOA)'s IT Security department. We are hiring a GRC Engineer to help modernize how Governance, Risk, and Compliance (GRC) operates across the organization. This role is focused on reducing compliance burden, improving...Relocation package- Zania is seeking a GRC Engineer in Palo Alto, California. In this role, you will bridge the product and enterprises, ensuring successful implementation of compliance solutions. You will set clear success goals, own customer relationships, and transition clients to a steady...Flexible hours
- GRC Engineer Why Zania Every enterprise spends millions of dollars on Governance, Risk, and Compliance (GRC). It's one of the most critical, yet universally painful, parts of running a business. For decades, this industry has been dominated by legacy systems with notoriously...Contract workWork at officeRelocation packageFlexible hoursDay shift
- ...day-to-day coverage for the development and support of the Archer GRC tool at Mass General Brigham. This includes but not limited to... ...guidance of the Archer Administrator and/or managers, the Archer Engineer I is expected to build out basic applications, layouts, data-...Work at officeRemote workFlexible hoursShift work2 days per week1 day per week
- ...Developer to join their Enterprise Risk Management Technologies Team. The role involves designing and implementing complex ServiceNow GRC solutions, configuring workflows, and providing ongoing support. Candidates should have over 7 years of experience with ServiceNow,...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to GRC Engineer. Be the first to apply!

