Sr. GRC Engineer - New York
1 day ago
Job description
Ro is a direct-to-patient healthcare company with a mission of helping patients achieve their health goals by delivering the easiest, most effective care possible.
Ro is the only company to offer nationwide telehealth, labs, and pharmacy services.This is enabled by Ro's vertically integrated platform that helps patients achieve their goals through a convenient, end-to-end healthcare experience spanning from diagnosis, to delivery of medication, to ongoing care.
Since 2017, Ro has helped millions of patients, including one in every county in the United States, and in 98% of primary care deserts.
Ro has been recognized as a Fortune Best Workplace in New York and Health Care for four consecutive years In 2023, Ro was also named Best Workplace for Parents for the third year in a row.
The Role
The Governance Risk and Compliance Engineer role will be a core member of Ro's GRC team. This is a remote, Individual Contributor role.
The GRC team enables Ro to manage risk by vigorously assessing our operations against leading compliance frameworks and standing legislation.
This individual contributor role will be a key player in both leading our audit readiness program while driving continuous compliance using leading AI and automation platforms.
What You'll DoServe as both a risk practitioner and automation engineer. Automate everything.
Own and maintain the compliance platform (Vanta), including control mapping, evidence collection, continuous monitoring, and audit workflows
Perform risk assessments, vendor security reviews, and control gap analyses, and track remediation through to completion
Manage control documentation, policies, procedures, and supporting artifacts across multiple compliance frameworks
Partner with Security, IT, Infrastructure, and Engineering teams to ensure technical and administrative controls align with documented policies and compliance requirements
Support internal and external audits (SOC 2, HIPAA, HITRUST)
Own and maintain the cyber risk register, collaborating with risk owners to quantify risks and develop remediation plans.
Develop and maintain risk reporting, metrics, and executive summaries with BI tools (Looker, Hex, etc)
What You'll Bring To The Team
5+ years of combined experience across governance, risk, compliance, security engineering, or adjacent technical roles, including hands-on experience working with compliance frameworks such as SOC 2, HIPAA, HITRUST, NIST, and PCI in modern, technology-driven environments.
3+ years of experience with ongoing compliance operations, with demonstrated progression from manual evidence collection to automated, continuously monitored controls.
2+ years of hands-on experience implementing and administering continuous compliance and evidence automation platforms (e.g., Vanta, Drata, SecureFrame), including configuring and creating custom integrations as well as optimizing automated evidence workflows.
Working knowledge of cloud computing platforms (AWS, Azure, GCP) and how their native services and configurations support security and compliance requirements.
Expertise in using Looker (or similar BI tool; HEX) to create dashboards, generate reports, and visualize GRC data for stakeholders, with a focus on simplifying complex data into actionable insights.
Ability to automate data ingestion, transformation, and reporting using scripting or programmatic approaches (e.g., Python, JavaScript, APIs, Tines.)Strong analytical and root cause analysis skills
Kindness, and an ability to communicate to all levels of the organization
Bonus Points
Advanced GRC Automation & Engineering Mindset (custom automatons or workflows beyond out-of-the-box compliance tools)
We've Got You Covered
Full medical, dental, and vision insurance + OneMedical membership
Healthcare and Dependent Care FSA
401(k) with company match
Flexible PTO
Wellbeing + Learning & Growth reimbursements
Paid parental leave + Fertility benefits
Pet insurance
Student loan refinancing
Virtual resources for mindfulness, counseling, and fitness
The target base salary for this position ranges from $148,000 to $175,000, in addition to a competitive equity and benefits package (as applicable).
Ro recognizes the power of in-person collaboration, while supporting the flexibility to work anywhere in the United States. For our Ro'ers in the tri-state (NY) area, you will join us at HQ on Tuesdays and Thursdays.
For those outside of the tri-state area, you will be able to join in-person collaborations throughout the year (i.e., during team on-sites).
At Ro, we believe that our diverse perspectives are our biggest strengths — and that embracing them will create real change in healthcare.
As an equal opportunity employer, we provide equal opportunity in all aspects of employment, including recruiting, hiring, compensation, training and promotion, termination, and any other terms and conditions of employment without regard to race, ethnicity, color, religion, sex, sexual orientation, gender identity, gender expression, familial status, age, disability and/or any other legally protected classification protected by federal, state, or local law.
See our California Privacy Policy here .Similar jobs
We're hiring a GRC Engineer to help build and operationalize Method's Security and Compliance function. · This is a hands-on role with broad ownership and real impact. You'll own the day-to-day governance, risk, and compliance operations — maintaining audit readiness, · respondin ...
5 days ago
Meet Method · Method has built the most modern way to connect to consumer financial accounts. Combining real-time liability connectivity with instant payment execution, Method's API is designed to make it easy for people to connect their financial accounts to the apps and service ...
2 days ago
This position involves influencing compliance and security initiatives within a fast-paced environment.We are looking for a Governance Risk Compliance Engineer - REMOTE who will partner with various functions to design implement maintain compliance programs. · ...
1 month ago
We are currently looking for a Governance, Risk, and Compliance Engineer - REMOTE. · This position is posted by Jobgether on behalf of a partner company. · In this role you will have the opportunity to significantly influence compliance and security initiatives within a fast-pace ...
1 month ago
We are seeking a Senior GRC Engineer to support the development · expansion and maintenance of technical compliance solutions across a distributed global environment.This role focuses on SOX-related engineering automation and control implementation working closely with internal t ...
2 weeks ago
+We are seeking a Senior GRC Engineer to support the development, expansion, and maintenance of technical compliance solutions across a distributed global environment. · +Support technical regulatory compliance initiatives, including code-based SOX controls · Collaborate with UK- ...
2 weeks ago
The company is seeking a GRC Analyst / Specialist to join the New York City team.This role will assess business processes, data flows, operational practices, · and third-party relationships; identify and evaluate risk; and drive the implementation of effective governance · and ri ...
2 weeks ago
We are seeking a Senior GRC Engineer to drive critical GRC processes that mitigate risk, keep us compliant, and build trust with our customers and partners. · Brex's Governance, Risk, and Compliance function is at an exciting and pivotal point in our maturity journey. · ...
1 month ago
· This role is pivotal in providing second-line oversight of Meta's security risk management and compliance across multiple business units, regulatory entities, and governance forums. · ...
4 weeks ago
Brex is the AI-powered spend platform. We help companies spend with confidence with integrated corporate cards, banking, and global payments. · We're committed to building a diverse team and inclusive culture. · ...
1 month ago
Engineering · Engineering at Brex is about building systems that scale with speed and intention. Our teams span Software, Data, Security, and IT, and operate with high autonomy and deep collaboration. We tackle hard technical problems, own our outcomes, and push for excellence at ...
2 days ago
Justworks is seeking an exceptional Lead Security Risk Analyst to join our Governance Risk & Compliance (GRC) team. · Good judgment - the exercise of critical thinking, analyzing and assessing problems and implications... · ...
1 month ago
Why join us · Brex is the AI-powered spend platform. We help companies spend with confidence with integrated corporate cards, banking, and global payments, plus intuitive software for travel and expenses. Tens of thousands of companies from startups to enterprises — including Doo ...
1 day ago
We are building an AI-driven simulation software stack for engineering and manufacturing across advanced industries. · The RoleAs a Compliance Engineer, you will be building and operationalizing our compliance program and overseeing the day-to-day implementation of controls, ...
1 month ago
We are hiring Info Security Analyst/Phishing for one of our clients. · ...
3 weeks ago
Technical Specialist-Information Security Governance, Risk
Only for registered members
Come join us as a Technical Specialist where you will play a key role in strengthening our Information Security (InfoSec) Governance, Risk & Compliance (GRC) capabilities across the enterprise. · ...
4 days ago
The energy of a newsroom, the pace of a trading floor, the buzz of a recent tech breakthrough; we work hard, and we work fast - while keeping up the quality and accuracy we're known for. It's what keeps us inventing and reinventing, all the time. Our culture is wide open, · just ...
1 month ago
We are seeking an IAM Business Analyst to support access certification and regulatory initiatives within our cybersecurity program. · Support access certification and access governance initiatives across the organization. · Gather and translate business and regulatory requirement ...
3 weeks ago
Dice es la plataforma líder para expertos tecnológicos en todas las etapas de sus carreras. Nuestro cliente, Gardner Resources Consulting LLC busca un analista IAM con experiencia en Identity Governance & Administration (IGA) para apoyar iniciativas de certificación de acceso y c ...
3 weeks ago
We are seeking an IAM Business Analyst with a strong focus on Identity Governance & Administration (IGA) to support access certification and regulatory initiatives within our cybersecurity program. · Support access certification and access governance initiatives across the organi ...
2 weeks ago