Security GRC Engineer

Description

Robert Half is seeking for an experienced Security GRC Engineer to support the automation of security governance, risk management, audits and compliance, third-party risk management and customer trust functions. In this role, you will evaluate, design, implement, maintain and enhance GRC architectures and solutions, monitor and respond to compliance issues and security control gaps real-time. You will collaborate with the Threat Detection & Response team, Platform Engineering team and IT teams to ensure security controls are automated and substantiated end to end. You will help to reduce manual processes and improve efficiency to contribute to Grail's overall security posture.

• Evaluate, design and implement GRC architectures and solutions
• Monitor and respond to compliance issues and security control gaps, maintain and update relevant security tools and software to ensure compliance monitoring is proactive, real time and end to end.
• Collaborate with the Threat Detection & Response team, Platform Engineering team and IT teams to ensure security trust is evangelized, security controls are automated and substantiated end to end for all applicable security standards and all applicable customer/regulator expectations
• Collaborate with the GRC Operations team to ensure evidence and artifacts are relevant and have objectivity. You will help to reduce manual processes and improve efficiency.
• Continuously improve the coverage of Grail's unified control framework based on business initiatives, with a keen eye on augmenting the objectivity and quality of security evidence through GRC architecture, integrations and automations.
• Maintain the RFP data bank and ensure it is up to date and substantiated with traceable evidence corresponding to the area of controls in GRC tools. You will address technical customer security inquiries, including RFPs and security questionnaires.
• You will maintain an active backlog with Engineering and IT teams based on the identified gaps from customer / regulator expectation while continuously driving operational improvements.

Requirements

• In-depth knowledge of continuous compliance and continuous monitoring GRC platforms such as Vanta, Drata, etc
• Familiarity with CIS Benchmark controls and cybersecurity and privacy frameworks such as NIST Cybersecurity Framework, ISO 27001, SOC1/SOC2, GDPR, ISO 27701, PCI DSS. Prior experience with HIPAA and HITRUST is desired.
• Familiarity with network protocols, firewall, IDS/IPS technologies, cloud security controls, endpoint security controls and related security technologies.
• Proficiency in programming and scripting languages (e.g., Python, Java).
• Knowledge of encryption and data protection techniques.
• Proactive and adaptable, with can-do attitude, strong problem-solving abilities,attention to detail and excellent communication skills.
• Experience in startup or biotech/healthcare environments is a plus.
• Preferred certifications in Safe AI, such as SAFE AI Certification or equivalent in AI-related security domains.

Technology Doesn't Change the World, People Do.

Robert Half is the world's first and largest specialized talent solutions firm that connects highly qualified job seekers to opportunities at great companies. We offer contract, temporary and permanent placement solutions for finance and accounting, technology, marketing and creative, legal, and administrative and customer support roles.

Robert Half works to put you in the best position to succeed. We provide access to top jobs, competitive compensation and benefits, and free online training. Stay on top of every opportunity - whenever you choose - even on the go. Download the Robert Half app and get 1-tap apply, notifications of AI-matched jobs, and much more.

All applicants applying for U.S. job openings must be legally authorized to work in the United States. Benefits are available to contract/temporary professionals, including medical, vision, dental, and life and disability insurance. Hired contract/temporary professionals are also eligible to enroll in our company 401(k) plan. Visit roberthalf.gobenefits.net for more information.

2025 Robert Half. An Equal Opportunity Employer. M/F/Disability/Veterans. By clicking "Apply Now," you're agreeing to Robert Half's Terms of Use.