SpyCloud is on a mission to make the internet a safer place by disrupting the criminal underground. The GRC Engineer plays a critical role in strengthening SpyCloud's compliance posture by driving audit readiness, scaling continuous control testing, and embedding compliance requirements into cloud-native systems and workflows.

Requirements

5+ years of experience in Governance, Risk & Compliance (GRC), security compliance, auditing, or related roles
Demonstrated experience applying SOC 2, ISO 27001, and/or CMMC requirements to cloud environments
Experience leading audit readiness activities and working directly with auditors
Strong collaboration experience with engineering and cloud operations teams
Bachelor's degree in Information Security, Computer Science, Engineering, or equivalent professional experience
Ability to understand and write code, preferably Python, to automate evidence collection and validate cloud controls
Strong knowledge of cloud architectures, IAM, logging, monitoring, and cloud security best practices
Hands-on experience using Vanta for compliance automation and integrations
Familiarity with SOC 2, ISO 27001, CMMC, NIST 800-53, and CIS Benchmarks
Strong written and verbal communication skills
Ability to work independently and manage multiple priorities
Strong analytical, problem-solving, and collaboration skills

Benefits

401(k) with Employer Contribution
Health, Vision, and Dental Insurance
Health Savings Account (HSA) available with Employer Contribution
Employer Paid Life, Short-term, and Long-term Disability Insurance
Generous PTO Plan and 16 paid holidays per year

Requirements

5+ years of experience in Governance, Risk & Compliance (GRC), security compliance, auditing, or related roles
Demonstrated experience applying SOC 2, ISO 27001, and/or CMMC requirements to cloud environments
Experience leading audit readiness activities and working directly with auditors
Strong collaboration experience with engineering and cloud operations teams
Bachelor's degree in Information Security, Computer Science, Engineering, or equivalent professional experience
Ability to understand and write code, preferably Python, to automate evidence collection and validate cloud controls
Strong knowledge of cloud architectures, IAM, logging, monitoring, and cloud security best practices
Hands-on experience using Vanta for compliance automation and integrations
Familiarity with SOC 2, ISO 27001, CMMC, NIST 800-53, and CIS Benchmarks
Strong written and verbal communication skills
Ability to work independently and manage multiple priorities
Strong analytical, problem-solving, and collaboration skills

Benefits

401(k) with Employer Contribution
Health, Vision, and Dental Insurance
Health Savings Account (HSA) available with Employer Contribution
Employer Paid Life, Short-term, and Long-term Disability Insurance
Generous PTO Plan and 16 paid holidays per year

GRC Engineer

About the Company

Job Description

Requirements

Benefits

Similar Jobs

GRC Engineer

GRC Engineer

GRC Engineer I

GRC Engineer

About the Company

Job Description

Requirements

Benefits

Similar Jobs

GRC Engineer

GRC Engineer

GRC Engineer I

Job Details