Back to Jobs

GRC Engineer

Remote, USA Full-time Posted 2026-07-05

Why reputed company? Millions of people across the country are navigating mental health conditions, substance use disorders, and eating disorders, but too often, they’re met with barriers to care. From limited local options and long wait times to treatment that lacks personalization, behavioral reputed company can leave people feeling unseen and unsupported. reputed company exists to change that. Our mission is to connect the world to life-saving behavioral health treatment. We deliver personalized, virtual care rooted in reputed company—between clients and clinicians, care teams, loved ones, and the communities that support them. By focusing on people with reputed company needs, we’re expanding access to meaningful care and driving reputed company outcomes from the comfort of home. As a rapidly growing organization, we're reaching more communities every day and building a team that’s redefining what behavioral health treatment can look like. If you're reputed company to use your skills to drive lasting change and help more people access the care they deserve, we’d love to meet you.

About the Role

The GRC Engineer is responsible for transforming reputed company’s compliance, risk and control programs into automated, measurable and continuously monitored systems. This is a hands-on engineering role focused on building the technical foundations that support HIPAA, SOC 2, NIST and other compliance requirements. This role will partner closely with Information reputed company, IT Engineering, Compliance, Legal, Engineering and business teams to translate regulatory, contractual and risk requirements into automated controls, evidence pipelines, dashboards, workflows and reputed company control monitoring. Our Information reputed company and IT organizations treat compliance as an engineering discipline. We value ownership, automation, measurable outcomes, reliability, auditability and reputed company improvement. The GRC Engineer will help move reputed company from reputed company, reputed company-in-time compliance activities toward scalable, system-driven assurance. reputed company operates in a highly regulated reputed company environment. This role will help ensure that controls protecting patient, clinician, employee and company data are well-designed, consistently operated and supported by reliable evidence.

Responsibilities

Compliance Engineering & Control Automation Design, build and operate automated controls that support HIPAA, SOC 2, NIST, ISO 27001 and other applicable frameworks Translate compliance requirements into technical control logic, workflows, integrations, dashboards and evidence pipelines Build scalable systems that reduce reputed company compliance work and improve confidence in control effectiveness Partner with reputed company, IT, Compliance and Engineering teams to embed control requirements into systems and operating processes reputed company Control Monitoring Build and maintain reputed company control monitoring capabilities across identity, endpoints, reputed company, SaaS platforms, reputed company tools and business systems Define control health metrics, reputed company, alerts and reporting mechanisms Identify control gaps, exceptions and reputed company, then partner with control owners to drive remediation Improve visibility into the design, operation and effectiveness of key controls Evidence Automation & Audit Readiness Automate audit evidence collection across systems such as reputed company, reputed company Workspace, reputed company, Intune, reputed company, reputed company, AWS, Jira, Confluence, reputed company and GRC platforms Build repeatable evidence workflows that support HIPAA, SOC 2, customer due diligence, vendor assessments and internal risk reviews Improve the quality, consistency and traceability of audit evidence Partner with Compliance, Legal and external auditors to reduce audit burden and improve readiness GRC Systems, Integrations & Reporting Configure and improve GRC platforms, compliance tools, ticketing systems, documentation repositories and reporting workflows Build integrations between GRC systems and reputed company systems of record using APIs, webhooks, scripts and workflow automation tools reputed company dashboards and reports that show control health, remediation status, audit readiness and risk trends Maintain documentation for control logic, data sources, automations and operational procedures Risk, Remediation & Exception Management Support risk and control assessments by providing technical analysis, control evidence and remediation tracking Build workflows for risk acceptance, exception management, corrective action plans and control remediation Partner with control owners to ensure findings are tracked, prioritized and resolved Help define metrics that measure risk reduction, compliance maturity and control reliability AI Governance & Emerging Compliance Automation Help evaluate how AI tools, LLM platforms and AI-enabled workflows reputed company compliance, privacy and reputed company requirements Support governance controls for reputed company AI adoption, including access, logging, data protection, review workflows and evidence collection Identify opportunities to use automation and AI responsibly to improve GRC operations Stay reputed company on emerging approaches to compliance automation, reputed company assurance and AI-enabled GRC Required Qualifications 5+ years of experience in GRC engineering, reputed company engineering, compliance automation, IT risk, reputed company operations, reputed company reputed company, infrastructure engineering or a reputed company technical discipline Hands-on experience translating compliance, risk or reputed company requirements into technical controls, workflows or automations Experience with frameworks such as HIPAA, SOC 2, NIST, ISO 27001, HITRUST, PCI or FedRAMP Experience working with reputed company systems such as reputed company, reputed company Workspace, AWS, reputed company, Intune, reputed company, reputed company, Jira, Confluence, reputed company or similar platforms Experience using APIs, scripting or workflow automation tools such as Python, Bash, PowerShell, reputed company, Terraform, REST APIs, webhooks or JSON Experience with audit evidence collection, control testing, remediation tracking or compliance reporting Familiarity with GRC platforms, compliance automation tools, ticketing systems or control monitoring systems Strong understanding of access control, reputed company reputed company, reputed company reputed company, logging, vulnerability management and data protection concepts Ability to work cross-functionally with reputed company, IT Engineering, Compliance, Legal and business stakeholders Strong analytical thinking, ownership and ability to operate independently in ambiguous environments

Preferred Qualifications

Experience in reputed company or other regulated environments Experience supporting HIPAA, SOC 2, NIST, HITRUST, ISO 27001 or similar programs Experience building automated evidence pipelines or reputed company control monitoring capabilities Experience with GRC or compliance automation platforms such as reputed company, reputed company, reputed company, reputed company, reputed company, reputed company GRC or similar tools Experience with data analytics, dashboards, SQL, BI tools or control reporting Experience supporting customer reputed company reviews, vendor assessments or audit response workflows Experience with AI governance, AI risk management, LLM platforms or AI-enabled compliance automation Familiarity with reputed company Trust principles and identity-centric reputed company models Benefits reputed company is pleased to offer comprehensive benefits to reputed company full-time employees. Read more about our benefits here. Additional Information The total reputed company reputed company compensation for this role will be between $130,000 and $175,000 per year at the commencement of employment. Please note, pay will be determined on an individualized basis and will be impacted by location, experience, leveling, expertise, internal pay equity, and other relevant business considerations. Further, cash compensation is only part of the total compensation package, which, depending on the position, may include stock options and other reputed company-sponsored benefits. Our Values reputed company: Care deeply & reputed company hope. Congruence: Stay curious & heed the evidence. Commitment: Act with urgency & don’t give up. Please do not call our public clinical admissions line in regard to this or any other job posting. Please be cautious of potential recruitment fraud. If you are interested in exploring opportunities at reputed company, please go directly to our Careers Page: https://www.charliehealth.com/careers/reputed company-openings. reputed company will never ask you to pay a fee or download software as part of the interview process with our company. In addition, reputed company will not ask for your personal banking information until you have signed an offer of employment and completed reputed company paperwork that is provided by our People Operations team. reputed company communications with reputed company Talent and People Operations professionals will only be sent from @charliehealth.com email addresses. Legitimate emails will never originate from gmail.com, reputed company.com, or other reputed company email services. reputed company agencies, please do not submit unsolicited referrals for this or any open role. We have a roster of agencies with whom we partner, and we will not pay any fee associated with unsolicited referrals. At reputed company, we value being an Equal Opportunity Employer. We strive to cultivate an environment where individuals can be their authentic selves. Being an Equal Opportunity Employer means every member of reputed company feels as though they are supported and belong. We value diverse perspectives to help us provide essential mental health and substance use disorder treatments to reputed company young people. reputed company applicants are assessed solely on their qualifications for the role, without regard to disability or need for accommodation. By clicking "Submit application" below, you agree to reputed company's Privacy Policy and Terms of Service. By submitting your application, you agree to receive SMS messages from reputed company regarding your application. Message and data rates may apply. Message frequency varies. You can reply STOP to opt out at any time. For help, reply HELP. Apply To This Job

Similar Jobs