XBOW

Information Security Engineer, GRC

XBOW

full-time

Posted on:

Location Type: Remote

Location: United States

Visit company website

Explore more

AI Apply
Apply

Salary

💰 $120,000 - $160,000 per year

About the role

  • Support customers and prospects by completing technical security questionnaires, risk assessments, and due-diligence requests
  • Partner with Sales and Customer teams to explain XBOW’s security controls, architecture, and compliance posture
  • Assess and manage third-party and vendor security risk, including reviews of SaaS providers and service partners
  • Help maintain and improve risk assessment frameworks, methodologies, and documentation
  • Track and support remediation of identified risks in collaboration with internal stakeholders
  • Contribute to compliance initiatives aligned with frameworks such as SOC 2 and ISO 27001
  • Maintain clear, well-structured risk registers, policies, and supporting evidence
  • Coordinate risk management sessions and processes
  • Identify opportunities to streamline and automate risk and compliance processes as the company scales
  • Support audits, customer reviews, and internal assurance activities as needed

Requirements

  • 3–5+ years of experience in risk, compliance, security assurance, or related roles
  • Hands-on experience completing or reviewing technical security questionnaires and customer risk assessments
  • Familiarity and experience with common security and compliance frameworks (e.g. SOC 2, ISO 27001, NIST, FedRAMP)
  • Comfortable assessing technical controls and working with engineers to understand system architecture
  • Experience conducting or supporting vendor / third-party risk assessments
  • Strong written communication skills, with the ability to explain complex security concepts clearly
  • Highly organized and detail-oriented, with a pragmatic approach to risk
  • Comfortable working in a fast-moving, remote-first startup environment
Benefits
  • Competitive salary and meaningful stock options.
  • Opportunity to learn from and collaborate with top security and AI experts
  • Work on complex technical challenges that support the foundation of our company
  • Work from anywhere, with regular opportunities to meet in person
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
risk assessmentstechnical security questionnairessecurity controlscompliance frameworksrisk managementvendor risk assessmentsSaaS securityrisk assessment frameworksdocumentationaudits
Soft Skills
written communicationorganizational skillsdetail-orientedpragmatic approachcollaborationproblem-solvingadaptabilitycustomer supportstakeholder managementprocess improvement