Payabli
The next-generation payments infrastructure for software companies to quickly and easily embed and monetize payments.
GRC Engineer
Location: United States
Posted: 8 days ago
Salary: Not specified
Job Description
• Own and maintain the compliance platform (Drata), including control mapping, evidence collection, continuous monitoring, and audit workflows
• Manage control documentation, policies, procedures, and supporting artifacts across multiple compliance frameworks
• Perform risk assessments, vendor security reviews, and control gap analyses, and track remediation through to completion
• Partner with Security, IT, and Engineering teams to ensure technical and administrative controls align with documented policies and compliance requirements
• Support internal and external audits, including SOC 2, PCI DSS, and customer security reviews
• Conduct periodic user access reviews and assist with access governance and RBAC validation
• Develop and maintain compliance reporting, metrics, and executive-ready summaries
• Identify and implement automation opportunities to streamline evidence collection, access reviews, and policy lifecycle management
Job Requirements
- Hands-on experience operating and maintaining a compliance platform such as Drata or similar
- Strong understanding of GRC fundamentals, including control design, evidence management, and audit readiness
- Experience performing user access reviews and supporting identity and access governance processes
- Working knowledge of security and compliance frameworks such as PCI DSS, SOC 2, ISO 27001 or ISO 42001, and NIST
- Experience collaborating with technical teams to validate cloud, application, and security controls
- Strong documentation skills with the ability to translate technical controls into clear compliance narratives
Benefits
- Competitive base
- Equity package
- 100% remote (US-based)
- Medical, dental, and vision
- 401(k) program (eligible after 3 months)
- Unlimited PTO