Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
TherapyNotes, LLC

GRC Engineer

TherapyNotes, LLC

GRC Engineer focusing on core GRC functions and automating processes for TherapyNotes. Join a dynamic team innovating in behavioral health software.

Posted 4/20/2026full-timeRemote • 🇺🇸 United StatesMid-LevelSenior💰 $100,000 - $140,000 per yearWebsite

Tech Stack

Tools & technologies
AWSAzureCloudGoGoogle Cloud PlatformPythonTerraform

About the role

Key responsibilities & impact
  • Conduct third-party risk assessments (TPRM), including vendor reviews, security questionnaires, and risk evaluations
  • Maintain and update security policies, standards, and procedures
  • Support compliance initiatives across frameworks (SOC 2, ISO 27001, HIPAA, NIST, etc.)
  • Perform internal risk assessments, control testing, and gap analyses
  • Identify manual, repetitive GRC processes and design automated solutions
  • Build and maintain automated evidence collection (via APIs, scripts, and integrations)
  • Implement continuous control monitoring (CCM) to replace point-in-time audits
  • Translate compliance requirements into technical controls and system configurations
  • Validate control effectiveness through automated testing and monitoring
  • Enable real-time or near-real-time risk visibility through dashboards and reporting systems
  • Work with Security Engineering to continuously audit configurations and remediate drift programmatically
  • Build scalable workflows for vendor risk assessments, re-assessments and tracking
  • Integrate vendor data into centralized risk systems
  • Automate intake, review, and monitoring processes for third-party security posture
  • Develop self-service audit evidence systems and dashboards
  • Partner with auditors to provide API-driven or system-generated evidence

Requirements

What you’ll need
  • Bachelor’s degree in Computer Science, Engineering, or related field (or equivalent experience)
  • 3–6+ years in security engineering, GRC, GRC engineering, or cloud security roles
  • Strong experience with scripting/programming (Python, Go, or similar)
  • Hands-on experience with cloud platforms (AWS, Azure, or GCP)
  • Familiarity with Infrastructure as Code (Terraform, CloudFormation, etc.)
  • Deep understanding of security controls and how they map to compliance frameworks
  • Experience integrating APIs and building automation pipelines

Benefits

Comp & perks
  • Employer sponsored health, dental, vision, life, and disability insurance
  • Retirement plan with company contribution
  • Annual company profit sharing
  • Personal development/training budget
  • Open, collaborative work environment
  • Extensive 2-week onboarding plan
  • Comprehensive mentorship program

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
scriptingprogrammingPythonGoAWSAzureGCPTerraformCloudFormationAPI integration
Certifications
Bachelor’s degree in Computer ScienceBachelor’s degree in EngineeringSOC 2ISO 27001HIPAANIST