Magic

Senior GRC Engineer

Magic

full-time

Posted on:

Location Type: Remote

Location: Remote • 🇺🇸 United States

Visit company website
AI Apply
Apply

Salary

💰 $160,000 - $200,000 per year

Job Level

Senior

Tech Stack

GoPythonTerraformWeb3

About the role

  • Transform compliance and risk management capabilities through automation and engineering
  • Build automation and integrations between GRC frameworks and security/engineering tools
  • Lead automation-driven control assessment, evidence collection, and reporting processes
  • Replace legacy GRC approaches with frameworks that avoid checkbox compliance and improve stakeholder experience
  • Design and implement compliance-as-code frameworks, integrating security controls into infrastructure as code (IaC) and CI/CD pipelines
  • Develop automated evidence collection, control testing, and reporting systems that eliminate manual audit preparation
  • Help define GRC best practices for web3 governance DAOs and policy management of on-chain funds
  • Create APIs and integrations between GRC platforms (Drata, Vanta, etc.) and security/engineering toolchains
  • Work closely with Infrastructure, Engineering, and IT teams to embed security and compliance requirements into technical workflows
  • Coordinate and track security-related audits including scope, stakeholder engagement, and deliverable timelines; provide guidance and advocacy on audit responses

Requirements

  • 5+ years of experience in GRC, compliance, or security engineering roles with significant automation experience
  • Experience developing scripts in various scripting languages (Python, Go, etc.) and peer reviewing code/implementation/automation scripts
  • Knowledge of various regulations and controls (SOX, GDPR, ISO27001, NIST etc.)
  • Experience with GRC software tools and platforms (e.g., Drata, Vanta): designing, implementing, and managing GRC tools and technologies
  • Experience leading SOC 2, ISO 27001, and other compliance audits from technical preparation through external audits
  • Understanding of infrastructure as code (Python CDK, CloudFormation, Terraform etc.) for embedding compliance controls
  • Previous experience in crypto/web3 or other financially regulated environments (preferred)
  • Applicants must be authorized to work for any employer in the US or Canada; employer cannot sponsor or take over sponsorship of employment visas
Benefits
  • Remote-first culture with flexible working hours
  • Stock options and token grants
  • 99% company-paid medical, dental and vision insurance
  • 100% company-paid life and disability insurance
  • 401(k) plan (US) or pension plan (CAN)
  • $3,600 annual reimbursement for remote work, wellness, and professional development
  • Flexible time off
  • Up to 12 weeks of paid parental leave
  • *Canada coverage differs.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
automationGRCcompliance engineeringscripting languagesPythonGoinfrastructure as codeCI/CD pipelinescontrol testingAPI development
Soft skills
leadershipstakeholder engagementguidanceadvocacycoordinationorganizational skillscommunication
Certifications
SOC 2ISO 27001GDPRSOXNIST
Oklo Inc

Director, Government Programs – Compliance and Infrastructure

Oklo Inc
Leadfull-time$200k–$240k / yearCalifornia · 🇺🇸 United States
Posted: 32 minutes agoSource: boards.greenhouse.io
ERP
Centene Corporation

Senior Compliance Analyst – External Audit

Centene Corporation
Seniorfull-time$69k–$124k / year🇺🇸 United States
Posted: 1 hour agoSource: centene.wd5.myworkdayjobs.com
Veeva Systems

Technical Instructor – Regulatory

Veeva Systems
Mid · Seniorfull-time$70k–$120k / yearNorth Carolina, Pennsylvania · 🇺🇸 United States
Posted: 3 hours agoSource: jobs.lever.co
CloudVault
BioMarin Pharmaceutical Inc.

Manager, Regulatory CMC

BioMarin Pharmaceutical Inc.
Senior · Leadfull-time🇺🇸 United States
Posted: 3 hours agoSource: jobs.jobvite.com