×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Data Security

Sr. GRC Engineer

Remote / Online - Candidates ideally in
New York, New York County, New York, 10261, USA
Listing for: Omaze
Remote/Work from Home position
Listed on 2026-02-28
Job specializations:
  • IT/Tech
    Cybersecurity, Data Security
Salary/Wage Range or Industry Benchmark: 148000 - 175000 USD Yearly USD 148000.00 175000.00 YEAR
Job Description & How to Apply Below
Location: New York

Ro is a direct-to-patient healthcare company with a mission of helping patients achieve their health goals by delivering the easiest, most effective care possible. Ro is the only company to offer nationwide telehealth, labs, and pharmacy services. This is enabled by Ro's vertically integrated platform that helps patients achieve their goals through a convenient, end-to-end healthcare experience spanning from diagnosis, to delivery of medication, to ongoing care.

Since 2017, Ro has helped millions of patients, including one in every county in the United States, and in 98% of primary care deserts.

Ro has been recognized as a Fortune Best Workplace in New York and Health Care for four consecutive years (2021‑2024). In 2023, Ro was also named Best Workplace for Parents for the third year in a row. In 2022, Ro was listed as a CNBC Disruptor 50.

+

The Role:

The Governance Risk and Compliance Engineer role will be a core member of Ro’s GRC team. This is a remote, Individual Contributor role. The GRC team enables Ro to manage risk by vigorously assessing our operations against leading compliance frameworks and standing legislation. This individual contributor role will be a key player in both leading our audit readiness program while driving continuous compliance using leading AI and automation platforms.

What You’ll Do:
  • Serve as both a risk practitioner and automation engineer. Automate everything.
  • Own and maintain the compliance platform (Vanta), including control mapping, evidence collection, continuous monitoring, and audit workflows
  • Perform risk assessments, vendor security reviews, and control gap analyses, and track remediation through to completion
  • Manage control documentation, policies, procedures, and supporting artifacts across multiple compliance frameworks
  • Partner with Security, IT, Infrastructure, and Engineering teams to ensure technical and administrative controls align with documented policies and compliance requirements
  • Support internal and external audits (SOC 2, HIPAA, HITRUST)
  • Own and maintain the cyber risk register, collaborating with risk owners to quantify risks and develop remediation plans.
  • Develop and maintain risk reporting, metrics, and executive summaries with BI tools (Looker, Hex, etc)
What You’ll Bring to the Team:
  • 5+ years of combined experience across governance, risk, compliance, security engineering, or adjacent technical roles, including hands‑on experience working with compliance frameworks such as SOC 2, HIPAA, HITRUST, NIST, and PCI in modern, technology‑driven environments.
  • 3+ years of experience with ongoing compliance operations, with demonstrated progression from manual evidence collection to automated, continuously monitored controls.
  • 2+ years of hands‑on experience implementing and administering continuous compliance and evidence automation platforms (e.g., Vanta, Drata, Secure Frame), including configuring and creating custom integrations as well as optimizing automated evidence workflows.
  • Working knowledge of cloud computing platforms (AWS, Azure, GCP) and how their native services and configurations support security and compliance requirements.
  • Expertise in using Looker (or similar BI tool; HEX) to create dashboards, generate reports, and visualize GRC data for stakeholders, with a focus on simplifying complex data into actionable insights.
  • Ability to automate data ingestion, transformation, and reporting using scripting or programmatic approaches (e.g., Python, JavaScript, APIs, Tines.)
  • Strong analytical and root cause analysis skills
  • Kindness, and an ability to communicate to all levels of the organization
Bonus Points
  • Advanced GRC Automation & Engineering Mindset (custom automations or workflows beyond out‑of‑the‑box compliance tools)
We’ve Got You Covered:
  • Full medical, dental, and vision insurance + One Medical membership
  • Healthcare and Dependent Care FSA
  • 401(k) with company match
  • Flexible PTO
  • Wellbeing + Learning & Growth reimbursements
  • Paid parental leave + Fertility benefits
  • Pet insurance
  • Student loan refinancing
  • Virtual resources for mindfulness, counseling, and fitness
Compensation and Location

The target base salary for this position ranges from $148,000 to $175,000, in…

To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search