Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

Apply faster with JobTailor

Recommended
Apply

Apply your way

Use the standard apply link, or let JobTailor help you move faster.

  • Apply directly in one click
  • No setup required
  • Best if you’re in a hurry
Start AI Apply
TherapyNotes, LLC

GRC Engineer

TherapyNotes, LLC

. Conduct third-party risk assessments (TPRM), including vendor reviews, security questionnaires, and risk evaluations .

Posted 4/20/2026full-timeRemote • 🇺🇸 United StatesMid-LevelSenior💰 $100,000 - $140,000 per yearWebsite

Tech Stack

Tools & technologies
AWSAzureCloudGoGoogle Cloud PlatformPythonTerraform

About the role

Key responsibilities & impact
  • Conduct third-party risk assessments (TPRM), including vendor reviews, security questionnaires, and risk evaluations
  • Maintain and update security policies, standards, and procedures
  • Support compliance initiatives across frameworks (SOC 2, ISO 27001, HIPAA, NIST, etc.)
  • Perform internal risk assessments, control testing, and gap analyses
  • Identify manual, repetitive GRC processes and design automated solutions
  • Build and maintain automated evidence collection (via APIs, scripts, and integrations)
  • Implement continuous control monitoring (CCM) to replace point-in-time audits
  • Translate compliance requirements into technical controls and system configurations
  • Validate control effectiveness through automated testing and monitoring
  • Enable real-time or near-real-time risk visibility through dashboards and reporting systems
  • Work with Security Engineering to continuously audit configurations and remediate drift programmatically
  • Build scalable workflows for vendor risk assessments, re-assessments and tracking
  • Integrate vendor data into centralized risk systems
  • Automate intake, review, and monitoring processes for third-party security posture
  • Develop self-service audit evidence systems and dashboards
  • Partner with auditors to provide API-driven or system-generated evidence

Requirements

What you’ll need
  • Bachelor’s degree in Computer Science, Engineering, or related field (or equivalent experience)
  • 3–6+ years in security engineering, GRC, GRC engineering, or cloud security roles
  • Strong experience with scripting/programming (Python, Go, or similar)
  • Hands-on experience with cloud platforms (AWS, Azure, or GCP)
  • Familiarity with Infrastructure as Code (Terraform, CloudFormation, etc.)
  • Deep understanding of security controls and how they map to compliance frameworks
  • Experience integrating APIs and building automation pipelines

Benefits

Comp & perks
  • Employer sponsored health, dental, vision, life, and disability insurance
  • Retirement plan with company contribution
  • Annual company profit sharing
  • Personal development/training budget
  • Open, collaborative work environment
  • Extensive 2-week onboarding plan
  • Comprehensive mentorship program

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
scriptingprogrammingPythonGoAWSAzureGCPTerraformCloudFormationAPI integration
Certifications
Bachelor’s degree in Computer ScienceBachelor’s degree in EngineeringSOC 2ISO 27001HIPAANIST