ButterflyMX logo
ButterflyMX

Video intercoms, access control systems, and security cameras loved by 20,000 multifamily, gated, commercial properties.

GRC Engineer

ComplianceComplianceFull TimeRemoteSeniorTeam 201-500Since 2014H1B SponsorCompany SiteLinkedIn

Location

United States

Posted

3 days ago

Salary

0

Seniority

Senior

Bachelor Degree3 yrs expEnglish

Job Description

GRC Engineer

ButterflyMX

• Own and continuously mature the company risk register; design a risk management workflow that uses AI tooling to surface, score, and route emerging risks with minimal manual intervention, ensuring the register reflects real-time posture, not a quarterly snapshot. • Lead external audit management (SOC 2 Type II); automate evidence collection pipelines in Vanta so that audit cycles are driven by continuous monitoring rather than evidence sprints, and begin scoping a readiness path for ISO 42001 (AI management systems). • Engineer the Trust and Assurance program for scale: build automated intake and triage workflows for security questionnaire requests, deploy AI-assisted response generation against a curated knowledge base, and expand the trust portal so that partner due diligence is largely self-service. • Build a vendor and supply chain risk program that goes beyond static spreadsheets. Design automated vendor intake, tiered risk scoring, and continuous monitoring triggers (news alerts, rating service integrations, release notes, expiration tracking) that surface risk without requiring manual sweeps. • Redesign and maintain security and privacy policies; use AI to draft, version, and track policy updates, and build a lightweight workflow for owner review, approval, and attestation that doesn't require a ticketing system to chase people down. • Own common controls monitoring in Vanta. Configure and tune integrations, checks, and alerting so that control failures surface automatically to the right owners, not just to a GRC inbox. Drive the organization toward an always-on compliance posture. • Modernize the security awareness and training program. • Design and operationalize an integrated compliance calendar covering SOC 2, security and IT systems licensing renewals, applicable state privacy regulations, and any other active frameworks with automated reminders and status tracking rather than manual coordination. • Support the CISO and General Counsel on operational privacy practices: administer cookie consent management tooling, handle or route data subject requests (DSRs) through a documented and auditable workflow, and help maintain the company's privacy notice and data mapping inventory. • Monitor the regulatory and compliance landscape, including AI governance developments (EU AI Act, NIST AI RMF, ISO 42001). Proactively surface changes that require a policy, control, or product response. • Leverage AI tools across every GRC workflow; this role is expected to demonstrate measurable efficiency gains through automation and tooling, not simply to own a portfolio of manual processes.

Job Requirements

  • 3+ years of experience in GRC, information security compliance, or risk management.
  • Working knowledge of SOC 2 (Trust Services Criteria), with hands-on experience supporting or leading audits.
  • Familiarity with additional frameworks is a strong plus: CIS Controls v8, NIST CSF, NIST AI RMF, NIST Privacy Framework, NIST SP 1800 series, NIST 800-53 r5, ISO 42001, ISO 27701, ISO 27001, OWASP Top 10 for Agentic Applications, MITRE D3FEND, MITRE SoT, MITRE ALTAS.
  • Experience conducting rapid third-party/vendor risk assessments and managing a supply chain risk program.
  • Strong organizational skills with the ability to manage multiple concurrent workstreams and deadlines.
  • Excellent written communication, capable of drafting clear, audience-appropriate policy documents and executive risk summaries.
  • Experience with Vanta platform (or equivalent)
  • Relevant certifications a plus: CISA, CRISC, CISSP, CIPP, or equivalent.
  • Proven experience with leveraging AI tools in both professional and personal settings. ButterflyMX is an AI-forward organization and the ability to optimize efficiency using AI is crucial in every role.

Benefits

  • Comprehensive Medical, Dental and Vision plans (ButterflyMX covers 80% of the cost) starting day 1
  • 401(k) plan with a match
  • 10 paid holidays, 20 vacation days, 5 sick days, 3 floating holidays
  • Basic Life and Accidental Death and Dismemberment Insurance (ButterflyMX covers 100% of the cost)
  • Short and Long Term Disability (ButterflyMX covers 100% of the cost)
  • Paid Family Leave
  • Employee Assistance Program
  • Quarterly self-care stipends
  • Access to optional benefits including pre-tax flexible healthcare spending accounts (FSA and HSA), Dependent Care FSA, and Commuter Benefits, as well as optional Supplemental Life, AD&D, Hospital Indemnity, Legal, Accident, Critical Illness, Pet, and Personal Liability Insurance
  • And more!

Related Categories

Related Job Pages

More Compliance Jobs

Second Nature logo

Resident Insurance & Compliance Solutions Advisor

Second Nature

We make managing your home Second Nature with our user-friendly products and services.

Compliance3 days ago
Full TimeRemoteTeam 201-500Since 2012H1B No Sponsor

• Provide high-touch support to residents and property management companies regarding the Second Nature Insurance program with empathy and professionalism, including discussion of coverage details and claim status. • Respond to escalated inquiries from renters and property managers about the Second Nature Renters Insurance Program. • Explain coverage terms, policy exclusions, and lease compliance requirements clearly and within regulatory bounds. • Guide users through the claim process, including follow-up with adjusters and documentation coordination. • Review third-party policies while ensuring consistent lease adherence • Use Salesforce, Slack, and internal tools to document interactions, escalate issues, and improve workflows. • Compile claim information and supporting documentation to ensure accurate and timely claim submissions. • Manage claim escalations and collaborate with third-party insurance partners to ensure timely resolution. • Identify trends in customer inquiries and claims to proactively recommend process or product improvements. • Collaborate with cross-functional teams including Product, Operations, and Vendor Management to improve processes and enhance the customer experience. • Educate customers on the claims process, coverage details, and eligibility requirements. • Participate in training sessions and quality assurance programs to continuously improve product knowledge and service delivery. • Maintain service level agreements (SLAs) and deliver high-quality support while balancing efficiency and customer satisfaction.

United States
$60K - $65K / year
Crypto.com logo

Market Surveillance Analyst

Crypto.com

Crypto.com - the best place to buy, sell, and pay with crypto.

Compliance3 days ago
Full TimeRemoteTeam 1,001-5,000Since 2016H1B Sponsor

• Perform real-time monitoring of all exchange activity, security feeds, and product safety data to identify potential market abuse (wash trading, spoofing, etc.) and ensure price discovery is fair and not manipulated. • Monitor real-time market data to ensure participant compliance with margin requirements and position limits. • Utilize surveillance tools and dashboards to flag anomalies and escalate concerns. • Conduct post-trade reviews and forensic analysis of flagged transactions. • Conduct investigations of potential rule violations by obtaining testimony, compiling records and drafting investigative reports for presentation to the Chief Regulatory Officer. • Prepare detailed reports on findings and recommend appropriate actions. • Ensure adherence to applicable regulations (e.g., SEC, CFTC, FINRA, etc.) and internal policies. • Assist in preparing responses to regulatory inquiries and audits. • Contribute to the development and refinement of surveillance protocols and compliance frameworks. • Support enforcement of KYC/AML procedures and transaction monitoring. • Work closely with Legal, Risk, and Technology teams to improve surveillance systems and compliance workflows. • Liaise with external regulators and industry bodies as needed.

United States
$90K - $110K / year
Crypto.com logo

Market Surveillance Analyst

Crypto.com

Crypto.com - the best place to buy, sell, and pay with crypto.

Compliance3 days ago
Full TimeRemoteTeam 1,001-5,000Since 2016H1B Sponsor

• Perform real-time monitoring of all exchange activity, security feeds, and product safety data to identify potential market abuse (wash trading, spoofing, etc.) and ensure price discovery is fair and not manipulated. • Monitor real-time market data to ensure participant compliance with margin requirements and position limits. • Utilize surveillance tools and dashboards to flag anomalies and escalate concerns. • Conduct post-trade reviews and forensic analysis of flagged transactions. • Conduct investigations of potential rule violations by obtaining testimony, compiling records and drafting investigative reports for presentation to the Chief Regulatory Officer. • Prepare detailed reports on findings and recommend appropriate actions. • Ensure adherence to applicable regulations (e.g., SEC, CFTC, FINRA, etc.) and internal policies. • Assist in preparing responses to regulatory inquiries and audits. • Contribute to the development and refinement of surveillance protocols and compliance frameworks. • Support enforcement of KYC/AML procedures and transaction monitoring. • Work closely with Legal, Risk, and Technology teams to improve surveillance systems and compliance workflows. • Liaise with external regulators and industry bodies as needed.

United Arab Emirates
Henry Schein logo

Regulatory Affairs Specialist – EHS

Henry Schein

Henry Schein started out as a Queens, New York-based pharmacy in 1932 and is now a Fortune 500 company specializing in healthcare products and solutions for hea

Compliance3 days ago

• Develop, implement, and maintain EHS policies, procedures, and programs • Conduct routine onsite inspections of manufacturing and distribution warehouse operations to identify hazards and ensure compliance with company policies and regulatory requirements • Support incident investigations and root cause analyses; recommend corrective and preventive actions and verify effectiveness • Coordinate responses to regulatory agencies on incident investigations, inquiries, findings and/or complaint allegations • Ensure compliance with applicable OSHA standards, including but not limited to: Hazard Communication (HazCom), Personal Protective Equipment (PPE), Emergency Action Plans, Fire Prevention, Forklift/Powered Industrial Truck Safety, Lockout/Tagout (where applicable), Bloodborne Pathogens (where applicable) • Maintain OSHA injury and illness records, including OSHA 300 logs • Support maintenance of company’s Safety Data Sheet Management Program and ensure employee access to SDS information • Support compliance with applicable U.S. Department of Transportation (DOT) regulations governing the shipment of hazardous materials • Support shipping operations involving hazardous materials to ensure proper classification, packaging, marking, labeling, and documentation • Support investigations and corrective actions related to transportation incidents or compliance concerns • Research and analyze applicable laws and regulations (OSHA, OSHA State Plans, DOT, IATA, IMO and EPA); develop, implement and monitor policies and procedures to ensure ongoing compliance with federal, state, and local requirements • Support and assist with hazardous shipping compliance by ensuring adherence to applicable DOT, IATA, and IMO regulations • Serve as a source for employees and management regarding EHS compliance and best practices • Author and distribute the company's quarterly Environmental, Health & Safety (EHS) newsletter • Serve as an EHS resource for the Corporate Brand Development Group and other business units by researching regulatory requirements and providing technical guidance on environmental, health, and safety matters • Develop and deliver employee environmental, health, and safety (EHS) awareness and training programs to ensure compliance with applicable federal, state, and international regulations, including OSHA, OSHA State Plans (e.g., Cal/OSHA), DOT, IATA, IMO, and EPA requirements • Participate in special projects and perform other duties as required

Florida + 2 moreAll locations: Florida | Nevada | New York
$56.6K - $88.4K / year