About the Role
We're seeking a GRC Engineer to join our security team and strengthen our governance, risk, and compliance programs. You'll work alongside technical security engineers to build and implement practical frameworks that protect customer data while enabling business operations across our marketing technology platform.
What You'll Do
- Own compliance programs including ISO 27001 and SOC 2, coordinating audits, managing evidence collection, and maintaining certifications
- Implement and manage a GRC automation platform (Drata, Vanta, or similar) to streamline compliance workflows and continuous monitoring
- Develop and refine security policies and procedures that meet regulatory requirements while remaining practical for engineering teams
- Assess risks across production, non-production, and QA environments, prioritizing security initiatives based on business impact and compliance obligations
- Bridge technical and business stakeholders by translating security requirements into language appropriate for different audiences
- Manage vendor security assessments and third-party risk reviews in partnership with procurement and legal teams
- Develop metrics and reporting that give leadership visibility into compliance status and risk landscape
Requirements
- Strong hands-on experience with AWS environments and cloud security controls (EC2, IAM, CloudTrail, Config, Security Hub, etc.)
- Scripting skills in Python, Bash, or similar languages to automate compliance tasks and evidence collection
- Proven experience implementing and managing GRC automation tools such as Drata, Vanta, or similar platforms
- Understanding of compliance frameworks like ISO 27001, SOC 2, GDPR, and CCPA (formal audit experience not required)
- Comfort reading technical documentation and collaborating with engineering teams
- Strong project management skills with ability to manage multiple compliance initiatives simultaneously
- Clear communication skills for both technical and non-technical audiences
- Technical background preferred over traditional audit experience
- Certifications like AWS Security Specialty, CRISC, CISA, or CISSP a plus
Why Join Us
- You'll work with a supportive security team that values both technical expertise and GRC discipline, with leadership backing for necessary security investments and the opportunity to shape our compliance strategy as we grow.
- Reports to: Director, GRC
What We Do
Acoustic is a global marketing and customer engagement provider delivering solutions that give brands a deeper understanding of their customers and the ability to act in the moments that matter. Our mission is to help brands build closer customer connections through data-driven visibility and personalized engagement. We know that marketers need powerful solutions that enable them to transform how their brand connects with customers — not tools that limit their potential and complicate their day-to-day. Our solutions are purpose-built to enable marketers to build, scale, and optimize customer experiences throughout the customer lifecycle. We have approximately 650 employees around the globe, allowing us to maintain a local presence with a global footprint. With 25+ years of MarTech experience, our team of trusted experts is focused on helping brands across industries exceed expectations and build meaningful, lasting customer relationships.
Why Work With Us
We’re not only building our company’s future but the future of an industry. That’s why our values — team and passion, trust and security, rapid innovation, customer delight, and respect for all people — guide everything we do. Join our collaborative, global team that’s dedicated to helping brands deliver exceptional customer experiences.
Gallery
.png){kind=logo}
