GRC Lead at Replit guiding compliance and risk management across the organization. Leading the team and the architectural vision for automated compliance systems in software development.
Responsibilities
Act as the technical anchor for the GRC team, mentoring GRC analysts and engineers.
Own the technical vision for Replit’s GRC program, moving toward "Compliance-as-Code" and automated evidence collection.
Champion a culture of security and privacy across the company, educating teams on *why* controls exist.
Partner with Architects and Engineering Leads to incorporate compliance requirements early in the design phase.
Work closely with Legal Counsel to implement requirements for Privacy (GDPR, CCPA) and emerging AI-specific regulations.
Enable the Sales team by managing the Customer Trust Center and handling security questionnaires.
Own and cultivate the relationship with external auditors, ensuring requests are relevant to our tech stack.
Manage the Cybersecurity Risk Register, identifying, quantifying, and tracking risks.
Manage compliance posture across SOC 2, ISO 27001, and prepare for future certifications in regulated markets.
Drive the shift from manual evidence collection to continuous monitoring and assess third-party vendors.
Requirements
8+ years of experience in GRC or Information Security
Leadership Experience: Proven experience mentoring other GRC professionals or leading complex cross-functional projects.
Technical Fluency: Ability to speak the language of engineering, cloud (GCP/AWS), and security architecture. You can anticipate how architectural decisions impact risk and compliance.
Regulatory Breadth: Deep experience with SOC 2, ISO 27001, PCI, HIPAA, and privacy laws.
Collaborative Communication: Strong ability to explain risk and tradeoffs to technical (Engineers), legal, and commercial (Sales/Execs) stakeholders.
Automation Mindset: Experience with GRC automation tools (e.g., Vanta, Drata) and a bias toward reducing manual toil.