Atlan Stormwater

Senior GRC Engineer

full-time

Location Type: Remote

Location: India

About the role

  • Compliance program maturity — Lead end-to-end audit execution across SOC 2, ISO 27001, ISO 42001, ISO 27701, HIPAA, and GDPR. Own auditor relationships, coordinate cross-functional evidence collection, and maintain year-round audit readiness.
  • Next-generation framework adoption — Drive FedRAMP readiness: assess platform gaps, build roadmaps, and turn new certifications into planned projects rather than fire drills.
  • Enterprise risk management — Build and mature Atlan's risk management program. Identify, assess, and track risks across security, operational, compliance, and third-party domains. Turn abstract risk conversations into measurable metrics with clear ownership and quarterly leadership reviews.
  • Third-party risk management — Own Atlan's vendor security assessment program end-to-end: tiered vendor reviews, security questionnaires, risk scoring, and ongoing monitoring. Balance vendor risk against business need at scale.
  • Compliance automation infrastructure — Integrate our GRC platform with cloud infrastructure, CI/CD pipelines, HR systems, and product engineering tooling to automate evidence collection and continuous control testing. Reduce manual audit prep effort significantly.
  • Controls that prove themselves — Partner with engineering and product teams to design technical controls that automatically generate auditable evidence. Implement continuous testing that catches gaps before auditors do.
  • Continuous controls monitoring — Design and operate real-time visibility into control effectiveness: automated dashboards, live control status, and alerting that surfaces gaps before audit cycles begin — not during them.
  • Organizational compliance capability — Build awareness programs, run training for engineering and cross-functional teams, and create self-service dashboards that make compliance easy. Make secure-by-default the path of least resistance.

Requirements

  • 5+ years owning SOC 2 Type II and/or ISO 27001 audits end-to-end — you've been the point person coordinating auditors, collecting evidence, and managing findings
  • Hands-on experience across multiple frameworks: SOC 2, ISO 27001, ISO 42001, and at least two of GDPR, HIPAA, ISO 27701, FedRAMP, or CCPA
  • Regulatory intelligence mindset — you track emerging requirements and build readiness roadmaps before compliance becomes urgent
  • Experience with modern GRC platforms (Vanta, Drata, Secureframe, or similar) extended via API — not just out-of-box configuration
  • Comfortable with REST APIs, JSON, OAuth, and CI/CD integrations
  • Built or maintained risk registers, facilitated leadership risk reviews, and turned risk conversations into concrete action plans
  • Customer-facing experience: security questionnaires, trust portals, or supporting enterprise sales cycles with compliance documentation
  • Able to influence engineering, product, HR, legal, and IT without formal authority — you're an enabler, not a gatekeeper
  • You actively use AI tools to accelerate compliance work: drafting control narratives, triaging risk findings, generating evidence summaries, and building AI-assisted workflows for continuous monitoring. You understand enough about AI systems to assess their risk implications — not just use them as productivity tools.
  • You drive toward outcomes without waiting for perfect requirements. You identify problems and build solutions. You thrive in ambiguity.

Benefits

  • Competitive Compensation: We benchmark at the top of the market and keep compensation simple: strong base salary, performance-based variable pay, and impact-driven equity, so your total rewards grow in step with the value you create over time.
  • Health & Wellness: From Day‑1 health, dental, vision, and mental health to pet‑care perks and flexible health stipends, we design benefits offerings that lead in each country we're in.
  • Flexible Time Off & Leave Policies: We trust you to own your energy: flexible time off and modern leave so you can unplug properly, support yourself and your loved ones, and come back ready to drive an impact.
  • Accelerated Growth & Learning: Develop at an uncommon velocity through cutting-edge tech, complex implementations, and an experienced team that values mastery.
  • AI Native Culture: Atlan is where AI-native builders come to build the systems the future of work will run on. AI isn’t an add-on, it’s woven into how we build, think, and work every day, empowering every Atlanian to move faster and create a bigger impact.
  • Global, Remote-First, High-Trust: Work from anywhere with a diverse team across 15+ countries, in a trust-first, async environment that gives you true flexibility and ownership over how you work.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

  • SOC 2 Type II audits
  • ISO 27001 audits
  • ISO 42001
  • GDPR
  • HIPAA
  • ISO 27701
  • FedRAMP
  • CCPA
  • risk management
  • compliance automation

Soft Skills

  • regulatory intelligence
  • influence without authority
  • customer-facing experience
  • problem-solving
  • adaptability
  • communication
  • collaboration
  • leadership
  • training
  • metrics-driven