Senior Security Engineer, GRC

Temporal Technologies | 4h ago
Canada | Remote | Full-time | Senior Level | 8+ yrs exp

Top focus

Security Engineer, Cloud Security Engineer
  • About Us
  • Temporal is an open source programming model that can simplify code, make applications more reliable, and help developers focus on the important things like delivering features faster. We are on a mission to be the reliable foundation of every developer’s toolbox, and are building the team that will make that happen.
  • Our values guide us. They are present in how we show up, make decisions, and work together to make an impact. We’re curious, driven, collaborative, genuine and humble.
  • Temporal is growing and we are looking for those who share our values, challenge 'standard' thinking, and want to influence our future. If you have a passion for improving the developer experience, building world-class open-source software and communities, and want to be a part of our amazing team, we'd love to hear from you!
  • Summary
  • Join our team as a Senior Security Engineer, GRC, and you'll be the primary owner of our customer-facing compliance program and a trusted partner throughout the enterprise sales cycle. In this role, you will manage the end-to-end lifecycle of security questionnaires, due diligence requests, and compliance reviews and automate parts of that process. You will ensure prospective and existing customers have full confidence in our security posture and you will work closely with Sales, Legal, and Product to represent our compliance program externally while maintaining the internal rigor of our governance and risk frameworks.
  • What You'll Do
  • Own the intake, prioritization, and completion of all inbound customer security questionnaires, RFPs, and due diligence requests including SIG, CAIQ, and custom enterprise questionnaires with a commitment to accuracy, thoroughness
  • Serve as the primary customer-facing representative for security and compliance, leading calls and meetings with enterprise customers, prospects, and their security or procurement teams.
  • Build and maintain a comprehensive, evergreen response library for common security and compliance questions, reducing duplication of effort and ensuring consistency across all customer engagements.
  • Build and maintain automations to continuously validate the organization's compliance posture across key frameworks including SOC2 Type II, ISO 27001, and HIPAA, coordinating evidence collection, managing external auditor relationships, and driving readiness for annual assessments.
  • Build dashboards and reporting pipelines that provide leadership with real-time visibility into compliance posture, open risks, and program health.
  • Design and automate the third-party risk assessment process, including vendor tiering logic, questionnaire workflows, and continuous monitoring for critical vendors.
  • Perform ongoing risk assessments and maintain a risk register that reflects the current threat and compliance landscape, escalating material findings to leadership with clear remediation recommendations.
  • Conduct third-party vendor risk assessments, including use case-specific risk analysis, ongoing tiering and monitoring, and implementation recommendations.
  • Author, maintain, and operationalize security policies and procedures; track employee acknowledgments and manage exceptions through to resolution.
  • Coordinate and participate in customer security review meetings, including onsite or virtual sessions with enterprise security, legal, and procurement stakeholders.
  • Collaborate cross-functionally with Engineering, Legal, and Product to gather documentation, validate control descriptions, and resolve compliance gaps surfaced through customer inquiries.
  • What You'll Bring
  • 8+ years of experience in GRC, information security compliance, or a closely related field.
  • Deep, hands-on experience with at least two major compliance frameworks (SOC2, ISO 27001, HIPAA, PCI-DSS, or FedRAMP), including direct involvement in audits and assessments.
  • Proven track record managing high volumes of security questionnaires and enterprise due diligence requests, including SIG and CAIQ formats.
  • Strong understanding of the security program’s influence on company revenue and a partnership mindset with the Go To Market function.
  • Scripting and automation fluency (Python, Bash, or similar) and a track record of building tools, not just spreadsheets.
  • Strong customer-facing communication skills; you are equally comfortable presenting to a CISO, walking a procurement team through a control matrix, or discussing technical security controls with customer engineering leaders.
  • Solid understanding of risk management principles, with hands-on experience performing risk assessments and maintaining a risk register.
  • Ability to translate technical security controls into clear, business-appropriate language for non-technical audiences including customers, legal teams, and executives.
  • Strong organizational skills and the ability to manage multiple concurrent questionnaire engagements, each with distinct deadlines and stakeholder requirements.
  • Bachelor's degree in Information Security, Computer Science, Business, or a related field (or equivalent experience).
  • Nice to Have
  • Security certifications: CISSP, CISM, CRISC, CISA, or CCSP.
  • Experience with GRC platforms such as Vanta, Drata, Sprinto, or similar.
  • Familiarity with NIST CSF or NIST 800-53 control frameworks.
  • Background in SaaS, fintech, or healthcare environments with regulated data handling requirements.
  • Experience drafting or reviewing Data Processing Agreements (DPAs), Business Associate Agreements (BAAs), or security-related contract language.
  • Experience supporting FedRAMP authorization or state-level public sector compliance programs.
  • Compensation
  • The estimated pay range for this role is $180,000 - $225,000, depending on qualifications and location.
  • This role is eligible to participate in Temporal's equity plan.
  • Compensation ranges reflect salary and commission compensation (when applicable) across several geographic markets. Employment offers carefully consider multiple factors, including prior experience, knowledge, expertise, skillset, market location, and job level assessed during the interview process.
  • Employee benefits and perks below are for full-time employees; part-time or temporary positions are excluded.
  • U.S. Benefits
  • Unlimited PTO, 12 Holidays + 2 Floating Holidays
  • 100% Premiums Coverage for Medical, Dental, and Vision
  • AD&D, LT & ST Disability, and Life Insurance (Standard & Supplemental Available)
  • Empower 401K Plan
  • Additional Perks for Learning & Development, Lifestyle Spending, In-Home Office Setup, Professional Memberships, WFH Meals, Internet Stipend and more!
  • International Benefits
  • Paid Time Off (PTO) and Benefits outside the United States vary by country and are issued in partnership with Remote.com. Additionally, Temporal offers perks to all international employees for learning & career development, a lifestyle spending account, in-home office setup (in addition to company-issued hardware), professional memberships, work-from-home meals, and access to the Calm app for mental wellness.
  • Travel
  • Temporal is a globally distributed, collaborative team that values opportunities for in-person connection. Occasional travel may be required for company events, team offsites, and other meaningful moments that bring us together.
  • Additional Perks
  • $3,600 / Year Work from Home Meals
  • $1,800 / Year Professional Enrichment (Career Development & Professional Memberships)
  • $1,200 / Year Lifestyle Spending Account
  • $1,000 / Year In-Home Office Setup (In addition to Temporal issued equipment - laptop, monitor, keyboard, mouse, trackpad, and extension power cable at no cost to you)
  • $74 / Month Reimbursement for Internet
  • Calm App Subscription for Mental Health & Wellness
  • Temporal Technologies is an Equal Opportunity Employer. Temporal Technologies does not discriminate on the basis of race, religion, color, sex, gender identity, sexual orientation, age, non-disqualifying physical or mental disability, national origin, veteran status, or any other basis covered by appropriate law. All employment is decided on the basis of qualifications, merit, and business need. We embrace and celebrate differences and diversity.
  • Temporal is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. If you need to request a reasonable accommodation, please let your Recruiter know so we can assist.
  • We are not working with external recruitment agencies, thanks.

Required skills

GRC, information security compliance, SOC2, ISO 27001, HIPAA, PCI-DSS, FedRAMP, Python, Bash
Posted on JobRush — the end-to-end AI job-search platform.