Replit, 13.05.2026
GRC Engineer
Full-time, Remote
Responsibilities
- Act as a technical subject matter expert for the GRC team, driving quality, technical depth, and operational efficiency in security controls
- Own the technical vision for Replit’s GRC program, moving from manual workflows toward "Compliance-as-Code" and automated evidence collection
- Champion a culture of security and privacy across the company, educating teams on controls and their importance
- Partner with Architects and Engineering Leads to integrate compliance requirements early in the design phase
- Translate complex technical implementations into narratives that satisfy frameworks without slowing down development
- Work closely with Legal Counsel to interpret and implement requirements for Privacy (GDPR, CCPA) and emerging AI-specific regulations (e.g., EU AI Act)
- Enable the Sales team by managing the Customer Trust Center and handling complex security questionnaires
- Serve as a subject matter expert in customer calls to build confidence with enterprise prospects
- Own and cultivate the primary relationship with external auditors, bridging communication between auditors and internal teams
- Operate the Cybersecurity Risk Register, identifying, quantifying, and tracking risks
- Manage and evolve compliance posture across SOC 2 and ISO 27001, and prepare for future certifications (FedRAMP, ITAR, PCI, HIPAA)
- Apply judgment to prioritize real security or business risks over "compliance theater"
- Drive the shift from manual evidence collection to continuous monitoring and automation
- Architect a scalable framework for assessing third-party vendors and AI model providers
Requirements
- 8+ years of experience in GRC or Information Security
- Technical fluency in engineering, cloud (GCP/AWS), and security architecture
- Ability to speak the language of engineering and anticipate how architectural decisions impact risk and compliance
- Deep experience with SOC 2, ISO 27001, PCI, HIPAA, and privacy laws
- Strong ability to explain risk and tradeoffs to technical, legal, and commercial stakeholders
- Experience with GRC automation tools (e.g., Vanta, Drata) and a bias toward reducing manual toil
Conditions and Benefits
- Full-time role with in-office requirement (Monday, Wednesday, Friday) in Foster City, CA
- Competitive salary and equity
- 401(k) program with a 4% match
- Health, dental, vision and life insurance
- Short-term and long-term disability
- Paid parental, medical, and caregiver leave
- Commuter benefits
- Monthly wellness stipend
- Autonomous work environment
- In-office set-up reimbursement
- Flexible Time Off (FTO) + holidays
- Quarterly team gatherings
- In-office amenities