Senior GRC Engineer at Ro | Hybrid Hired

About the role

Governance Risk and Compliance Engineer at Ro, a telehealth company. Focus on risk management, compliance frameworks, and automation with AI.

Responsibilities

Serve as both a risk practitioner and automation engineer. Automate everything.
Own and maintain the compliance platform (Vanta), including control mapping, evidence collection, continuous monitoring, and audit workflows
Perform risk assessments, vendor security reviews, and control gap analyses, and track remediation through to completion
Manage control documentation, policies, procedures, and supporting artifacts across multiple compliance frameworks
Partner with Security, IT, Infrastructure, and Engineering teams to ensure technical and administrative controls align with documented policies and compliance requirements
Support internal and external audits (SOC 2, HIPAA, HITRUST)
Own and maintain the cyber risk register, collaborating with risk owners to quantify risks and develop remediation plans.
Develop and maintain risk reporting, metrics, and executive summaries with BI tools (Looker, Hex, etc)

Requirements

5+ years of combined experience across governance, risk, compliance, security engineering, or adjacent technical roles, including hands-on experience working with compliance frameworks such as SOC 2, HIPAA, HITRUST, NIST, and PCI in modern, technology-driven environments.
3+ years of experience with ongoing compliance operations, with demonstrated progression from manual evidence collection to automated, continuously monitored controls.
2+ years of hands-on experience implementing and administering continuous compliance and evidence automation platforms (e.g., Vanta, Drata, SecureFrame), including configuring and creating custom integrations as well as optimizing automated evidence workflows.
Working knowledge of cloud computing platforms (AWS, Azure, GCP) and how their native services and configurations support security and compliance requirements.
Expertise in using Looker (or similar BI tool; HEX) to create dashboards, generate reports, and visualize GRC data for stakeholders, with a focus on simplifying complex data into actionable insights.
Ability to automate data ingestion, transformation, and reporting using scripting or programmatic approaches (e.g., Python, JavaScript, APIs, Tines.)
Strong analytical and root cause analysis skills
Kindness, and an ability to communicate to all levels of the organization

Benefits

Full medical, dental, and vision insurance + OneMedical membership
Healthcare and Dependent Care FSA
401(k) with company match
Flexible PTO
Wellbeing + Learning & Growth reimbursements
Paid parental leave + Fertility benefits
Pet insurance
Student loan refinancing
Virtual resources for mindfulness, counseling, and fitness

Similar roles

Browse all Compliance jobs

1 hour ago

TC

Senior Analyst, Regulatory

The AES Corporation

Senior Analyst, Regulatory Affairs responsible for regulatory strategy and compliance within AES. Collaborating with various stakeholders to ensure RTO/ISO compliance and market strategies.

Hybrid Role

Arlington United States Compliance

4 hours ago

LE

Lawyer 2-4 PQE, Commercial and Regulatory – Disability, Medical and Aged Care

LegalVision

Join LegalVision as a motivated lawyer (2 - 4 PQE) in the Commercial and Regulatory Practice. Work with NDIS providers and healthcare organizations to navigate complex regulatory requirements.

Hybrid Role

Surry Hills Australia Compliance

4 hours ago

AB

Director, Compliance and Business Office

Abbott

Director managing IT security strategies and policies for Abbott. Overseeing IT security functions and implementation of company - wide policies in a healthcare leadership role.

Onsite Role

Abbott Park United States Compliance

$149,300 - $298,700 per year

9 hours ago

RA

Analyst, Import/Export Compliance

Rockwell Automation

Join Rockwell Automation as an Analyst ensuring import/export compliance. Focus on regulations, documentation, and shipment monitoring in a hybrid environment.

Hybrid Role

Monterrey Mexico Compliance

9 hours ago

CA

Regulatory Affairs Analyst – Mid Level

Captativa

Analista de Assuntos Regulatórios supporting regulatory strategies for multinational pharmaceutical company. Involves management of drug registration processes and performance monitoring in São Paulo.

Hybrid Role

São Paulo Brazil Compliance

11 hours ago

FR

Compliance Specialist

Freetrade

Compliance Specialist working at Freetrade to help meet regulatory requirements and support product development. Engaging with teams across the business and delivering training and reporting solutions.

Hybrid Role

Budapest Hungary Compliance

£875,000 - £1,100,000 per month

11 hours ago

RI

Manager, Policy – Regulatory Affairs

Rowan Digital Infrastructure

Manager of Regulatory Affairs & Public Policy at Rowan Digital Infrastructure shaping communications and strategies. Leading advocacy in the evolving regulatory landscape for data centers.

Hybrid Role

Denver United States Compliance

$130,000 - $160,000 per year

12 hours ago

AH

Compliance Coordinator

Astrana Health

Compliance Specialist supporting various Compliance initiatives and ensuring regulatory adherence in healthcare. Reporting to the Compliance Manager and collaborating with internal departments on compliance - related projects.

Hybrid Role

Orange United States Compliance

$23 - $28 per hour

21 hours ago

UP

Air Compliance Manager

UPS

Air Compliance Manager developing safety programs and conducting risk assessments at a global logistics leader. Ensuring compliance with regulations and maintaining staff certifications.

Onsite Role

Paranaque Philippines Compliance

22 hours ago

IN

Senior Consultant, Cyber & Digital Compliance

InstaClinic

Senior Consultant in Cybersecurity advising clients on EU cyber and digital compliance requirements. Collaborating with a team of experts to implement regulatory frameworks and solutions.

Hybrid Role

Espoo Finland Compliance

€5,500 - €6,500 per month