Security engineer, GRC

Work from home Full-time role Hiring

About this role

WRITER is seeking a GRC Specialist to shape and lead our governance, risk, and compliance strategy for the AI era. As we pioneer AI/AGI technologies, we face a fast-changing regulatory landscape alongside established compliance frameworks. This role calls for a compliance leader who can balance rigorous adherence to standards with the flexibility to support rapid innovation. You’ll research emerging AI regulations, design scalable compliance programs, and manage risk in a way that accelerates—rather than hinders—our growth.

You’ll own the end-to-end compliance strategy for WRITER, covering everything from SOC2, ISO, and GDPR to emerging AI governance requirements, while partnering with technical and legal teams to ensure controls are implemented effectively. If you can translate complex regulatory obligations into practical, business-aligned programs, you’ll have a profound impact on how WRITER builds safe, compliant, and trusted AI systems.

Role Boundaries & Collaboration

What You Own (Responsible)

  • Overall compliance program strategy and management
  • AI regulatory compliance research and implementation
  • Enterprise risk management framework
  • Third-party risk management program
  • Data privacy and governance programs
  • Audit coordination and management

What You Don't Own (Others Lead)

  • Technical implementation of security controls (other security teams own)
  • Operational security monitoring (Detection & Response owns)
  • Identity and access implementations (Enterprise/Corporate and Cloud/Infrastructure own)

Key Partnerships

  • With All Security Teams: You define compliance requirements; they implement technical controls
  • With AI Security: Partner on AI-specific regulatory requirements and risk assessments
  • With Enterprise/Corporate: They implement technical vendor assessments you define
  • With Legal: Collaborate on regulatory interpretation and privacy matters

Your responsibilities

  • Lead AI regulatory compliance — Research global AI regulations, develop compliance strategies, and align AI development with transparency, fairness, and safety requirements.
  • Own compliance programs — Manage SOC2, ISO 27001/27701/42001, GDPR, HIPAA, SOX readiness, and FedRAMP strategies.
  • Drive enterprise risk management — Design frameworks for assessing and mitigating AI-specific and enterprise-wide risks.
  • Manage third-party risk — Build vendor risk programs for AI/ML suppliers, cloud providers, and data processors.
  • Champion data privacy — Lead privacy programs for AI training data and user information, ensuring compliance with GDPR, CCPA, and emerging laws.
  • Coordinate audits and certifications — Oversee internal and external audits, evidence collection, and resolution of findings with minimal disruption.
  • Enable compliance through partnership — Define requirements and collaborate with security, engineering, and legal teams to implement controls.

⭐️ Is this you?

Required Experience

  • 8+ years in governance, risk, and compliance for technology companies.
  • 5+ years managing compliance programs (SOC2 and ISO certifications required).
  • Proven experience in emerging technology compliance, ideally AI/ML governance.
  • Deep expertise in global privacy regulations and implementation.
  • Strong program and stakeholder management skills.

Technical Expertise

  • Expert in security frameworks (SOC2, ISO, NIST, GDPR, HIPAA, FedRAMP).
  • Understanding of AI/ML technologies and their unique risk profiles.
  • Proficiency with GRC platforms, automation tools, and risk assessment methods.
  • Knowledge of cloud security compliance requirements.
  • Experience with data governance, classification, and privacy-by-design.

Execution & Impact

  • Track record of building compliance programs from the ground up.
  • History of passing audits with minimal findings.
  • Proven ability to translate regulations into actionable, business-aligned programs.
  • Strong analytical approach to risk and compliance metrics.

Preferred Qualifications

  • Experience with AI governance frameworks.
  • Background in technology or engineering.
  • Certifications such as CISA, CRISC, CIPP.
  • Experience with public company compliance requirements.
  • Knowledge of international data transfer mechanisms.

Benefits & perks (US Full-time employees)

  • Generous PTO, plus company holidays
  • Medical, dental, and vision coverage for you and your family
  • Paid parental leave for all parents (12 weeks)
  • Fertility and family planning support
  • Early-detection cancer testing through Galleri
  • Flexible spending account and dependent FSA options
  • Health savings account for eligible plans with company contribution
  • Annual work-life stipends for:
      • Home office setup, cell phone, internet
      • Wellness stipend for gym, massage/chiropractor, personal training, etc.
      • Learning and development stipend
  • Company-wide off-sites and team off-sites
  • Competitive compensation, company stock options and 401k

WRITER is an equal-opportunity employer and is committed to diversity. We don't make hiring or employment decisions based on race, color, religion, creed, gender, national origin, age, disability, veteran status, marital status, pregnancy, sex, gender expression or identity, sexual orientation, citizenship, or any other basis protected by applicable local, state or federal law. Under the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. By submitting your application on the application page, you acknowledge and agree to WRITER's Global Candidate Privacy Notice.
