Gridware is seeking a Compliance Engineer to design, implement, and operationalize controls across multiple frameworks. The ideal candidate will have 2-4 years of experience in information security compliance and a working knowledge of SOC 2, ISO 27001, NIST CSF/800-53, CIS Controls, and NERC CIP.
Requirements
- Design a unified control framework mapped across SOC 2, ISO 27001, CIS IG3, NERC CIP, and NIST (CSF/800-53)
- Develop and maintain a control library, policy inventory, and risk register
- Translate technical control requirements into actionable guidance for engineering, IT, and operations teams
- Build a structured, repeatable evidence collection process supporting concurrent audits across all frameworks
- Maintain a continuously updated evidence repository and coordinate with Engineering, DevOps, HR, and Legal to gather and validate artifacts
- Serve as primary liaison with external auditors; manage schedules, fieldwork, and findings remediation through to closure
- Own intake, triage, and completion of customer security questionnaires (SIG Lite, CAIQ, custom assessments)
- Maintain a living questionnaire knowledge base and develop customer-facing security documentation, including trust portal content
- Define compliance workflows, SOPs, tooling requirements, and automation opportunities as the program matures
- Monitor regulatory changes across NERC CIP, NIS 2, and NIST; proactively communicate impacts to the team
Benefits
- Health, Dental & Vision
- Paid parental leave
- Alternating day off
- "Off the Grid"
- Commuter allowance
- Company-paid training