Senior GRC Engineer at Ro | Hybrid Hired

About the role

Governance Risk and Compliance Engineer at Ro, a telehealth company. Focus on risk management, compliance frameworks, and automation with AI.

Responsibilities

Serve as both a risk practitioner and automation engineer. Automate everything.
Own and maintain the compliance platform (Vanta), including control mapping, evidence collection, continuous monitoring, and audit workflows
Perform risk assessments, vendor security reviews, and control gap analyses, and track remediation through to completion
Manage control documentation, policies, procedures, and supporting artifacts across multiple compliance frameworks
Partner with Security, IT, Infrastructure, and Engineering teams to ensure technical and administrative controls align with documented policies and compliance requirements
Support internal and external audits (SOC 2, HIPAA, HITRUST)
Own and maintain the cyber risk register, collaborating with risk owners to quantify risks and develop remediation plans.
Develop and maintain risk reporting, metrics, and executive summaries with BI tools (Looker, Hex, etc)

Requirements

5+ years of combined experience across governance, risk, compliance, security engineering, or adjacent technical roles, including hands-on experience working with compliance frameworks such as SOC 2, HIPAA, HITRUST, NIST, and PCI in modern, technology-driven environments.
3+ years of experience with ongoing compliance operations, with demonstrated progression from manual evidence collection to automated, continuously monitored controls.
2+ years of hands-on experience implementing and administering continuous compliance and evidence automation platforms (e.g., Vanta, Drata, SecureFrame), including configuring and creating custom integrations as well as optimizing automated evidence workflows.
Working knowledge of cloud computing platforms (AWS, Azure, GCP) and how their native services and configurations support security and compliance requirements.
Expertise in using Looker (or similar BI tool; HEX) to create dashboards, generate reports, and visualize GRC data for stakeholders, with a focus on simplifying complex data into actionable insights.
Ability to automate data ingestion, transformation, and reporting using scripting or programmatic approaches (e.g., Python, JavaScript, APIs, Tines.)
Strong analytical and root cause analysis skills
Kindness, and an ability to communicate to all levels of the organization

Benefits

Full medical, dental, and vision insurance + OneMedical membership
Healthcare and Dependent Care FSA
401(k) with company match
Flexible PTO
Wellbeing + Learning & Growth reimbursements
Paid parental leave + Fertility benefits
Pet insurance
Student loan refinancing
Virtual resources for mindfulness, counseling, and fitness

Similar roles

Browse all Compliance jobs

34 minutes ago

AS

Director, Promotional Regulatory Affairs

AstraZeneca

Director of Promotional Regulatory Affairs at AstraZeneca overseeing FDA compliance and regulatory strategy development. Collaborating with cross - functional teams to ensure promotional materials meet standards.

Hybrid Role

Gaithersburg United States Compliance

3 hours ago

MA

ITGC Compliance Manager

Minor Hotels Europe and Americas

ITGC Compliance Manager at BAT overseeing compliance with IT General controls within the Digital Business Solutions. Supporting management to improve compliance measures and coordinate with stakeholders.

Onsite Role

Subang Jaya Malaysia Compliance

5 hours ago

ST

Staff Regulatory Affairs Specialist

Stryker

Regulatory Affairs Specialist ensuring compliance for Class III and IV medical devices in Brazil. Collaborating within a LATAM matrix structure to provide regulatory guidance and support.

Hybrid Role

Sao Paulo Brazil Compliance

7 hours ago

PF

QPPV Compliance Director

Pfizer

QPPV Compliance Director supporting pharmacovigilance system quality and compliance at Pfizer. Collaborating with teams to meet regulatory requirements in international settings.

Hybrid Role

Milan Italy Compliance

9 hours ago

DU

Environmental Compliance Specialist I

Dudek

Environmental Compliance Specialist supporting compliance efforts on infrastructure and renewable energy projects. Conducting research, data collection, and ensuring adherence to environmental laws and regulations.

Hybrid Role

Fresno United States Compliance

$32 - $34 per hour

9 hours ago

MG

Senior Compliance Analyst

MDS Group

Compliance Analyst ensuring all operations comply with laws and internal policies at MDS Brasil. Focus on risk management, training, and regulatory compliance oversight.

Hybrid Role

São Paulo Brazil Compliance

11 hours ago

SY

Construction Compliance Coordinator

Sysco

Construction Compliance Coordinator ensuring safety compliance for Edward Don projects. Responsible for vendor setup, documentation, and collaboration with various departments on compliance matters.

Hybrid Role

The Colony United States Compliance

$25 per hour

11 hours ago

SI

Analista de Dados PL – Compliance e Controles Internos

Sicredi

Data Analyst for the Compliance and Internal Controls team at Sicredi, utilizing SQL and Python for data analysis and monitoring.

Hybrid Role

Porto Alegre Brazil Compliance

12 hours ago

KB

Compliance Analyst

Kumon Brasil

Analista Compliance overseeing ethics and privacy compliance activities at Kumon. Ensuring adherence to legal regulations and internal policies in a multinational education organization.

Hybrid Role

São Paulo Brazil Compliance

13 hours ago

JJ

Director, Health Care Compliance Officer

Johnson & Johnson

Director overseeing Health Care compliance strategies in MedTech at Johnson & Johnson. Leading efforts for compliance, risk management, and operational excellence in healthcare innovations.

Hybrid Role

Santa Clara United States Compliance

$172,000 - $297,850 per year