logo inner

Engineering Manager, GRC

HashiCorpUnited StatesOnsite

Engineering Manager, GRC


JR104248US - Remote

About the Role


We’re looking for a GRC manager to lead, develop and mature the commercial compliance (SOC 2 Type 2, ISO 27001/17/18) and policy/controls programs at HashiCorp. This role will be heavily focused on scaling, automating, and managing compliance capabilities across HashiCorp. We’re looking for a self-motivated individual who thrives in fast-paced environments, can seamlessly drive efforts with multiple stakeholders to accomplish bold things, has demonstrable experience in GRC and is comfortable working across the breadth and depth of a large, multi-cloud security compliance program. Security at HashiCorp is a remote team.

While prior experience working remotely isn't required, we are looking for team members who can perform well given a high level of independence and autonomy. 

In this role, your responsibilities will include:


  • Manage, mentor and scale an existing team of compliance analysts  
  • Lead the commercial compliance (SOC 2 Type 2, ISO 27001/17/18) and security policy/controls programs at HashiCorp 
  • Expand the compliance program to new frameworks and attestations (e.g., PCI)  
  • Drive the development and maturity of the HashiCorp Common Controls Framework 
  • Maintain and drive maturity and governance of the HashiCorp Security Policy 
  • Develop and report on metrics, KPIs and KRIs 
  • Partner with the Compliance Engineering team to automate manual tasks (e.g., access reviews), continuous monitoring of controls, and audit evidence collection 
  • Own, document and maintain the scope/boundaries of the compliance program 
  • Oversee the onboarding and internal readiness/gap assessments of new products being added to the attestation programs 
  • Create and improve internal self-serve compliance material, such as standardized requirements for new products/services mapped to compliance objectives 
  • Plan and conduct external gap assessments 
  • Work with teams to prepare them for external audits 
  • Own and oversee external attestation/certification audits  
  • Work with teams to create and track remediation plans for gaps/audit findings 
  • Assist with other GRC activities and functions as needed 

What you’ll need (basic qualifications)


  • 2+ years of experience as a people manager 
  • 5+ years of experience working in relevant GRC roles 
  • Previous experience in a cloud environment, preferably AWS and/or Azure 
  • Considerable hands on experience with PCI compliance, preferably for a service provider and/or merchant 
  • Experience leading ISO 27001 compliance and external audits, preferably SOC 2 as well 
  • Comfortable working with both deeply technical and non-technical audiences 
  • Develop relationships in a highly cross functional environment and drive alignment across internal organizations 
  • Highly responsive and have a customer first mindset  
  • Flexibility in daily hours (i.e., willingness to work longer hours during end of quarter, peak periods and audits) 
  • Ability to prioritize and track multiple projects in parallel 

Desired Qualifications


  • Experience working in a large, multi-cloud environment 
  • Previous experience as a Qualified Security Assessor (QSA) or Internal Security Assessor (ISA) 
  • Deep understanding of common security compliance frameworks, attestations and certifications 
  • Previous experience at a technology or SaaS company in similar role 

About the Application Process


Please note, as communication is a critical aspect of how we work, a cover letter is a great way to provide a sample of how you communicate. In your cover letter, describe why you're interested in working at HashiCorp, and what draws you to this role in particular. #LI-Remote Individual pay within the range will be determined based on job related-factors such as skills, experience, and education or training.The base pay range for this role in the SF Bay Area / NYC area is:$208,300—$245,000 USDThe base pay range for this role in California (excluding SF Bay Area), New York (excluding NYC), Seattle Metro, Denver / Boulder Metro, Washington D.C., or Maryland is:$190,900—$224,600 USDThe base pay range for this role in Colorado (excluding Denver / Boulder Metro), Illinois, Minnesota, or Washington (excluding Seattle Metro) is:$173,600—$204,200 USD“HashiCorp is an IBM subsidiary which has been acquired by IBM and will be integrated into the IBM organization.

HashiCorp will be the hiring entity. By proceeding with this application you understand that HashiCorp will share your personal information with other IBM subsidiaries involved in your recruitment process, wherever these are located. More information on how IBM protects your personal information, including the safeguards in case of cross-border data transfer, are available here: link to IBM privacy statement.”

Life at HashiCorp

HashiCorp was founded by Mitchell Hashimoto and Armon Dadgar in 2012 with the goal of revolutionizing datacenter management: application development, delivery, and maintenance. The datacenter of today is very different than the datacenter of yesterday, and we think the datacenter of tomorrow is just around the corner. We're writing software to take you all the way from yesterday to today, and then safely to tomorrow and beyond. Physical, virtual, containers. Private cloud, public cloud, hybrid cloud. IaaS, PaaS, SaaS. Windows, Linux, Mac. These are just some of the choices faced when architecting a datacenter of today. And the choice is not one or the other; instead, it is often a combination of many of these. HashiCorp builds tools to ease these decisions by presenting solutions that span the gaps. Our tools manage both physical machines and virtual machines, Windows, and Linux, SaaS and IaaS, etc. And we're committed to supporting next-generation technologies, as well. HashiCorp was founded and continues to be run by the primary authors of all our core technologies powering thousands of companies worldwide. We speak at conferences and write books related to application and infrastructure management. All our foundational technologies are open source and developed openly, and have been since 2010. The Tao of HashiCorp is the foundation that guides our vision, roadmap, and product design. As you evaluate using or contributing to HashiCorp's products, it may be valuable to understand the motivations and intentions for our work. Learn more about the Tao of HashiCorp here: https://www.hashicorp.com/tao-of-hashicorp
Thrive Here & What We Value- Collaborative and Supportive Work Environment- Agile Methodologies- Customer-Centric Approach- Continuous Learning and Improvement- Innovation and Creativity- Outstanding Customer Experiences- Flexible Working Arrangements- Comprehensiveness over Point Solutions- Investment in Deployment Options
View more

Related Sub

This job belongs to these sub. Explore related roles here:
Product manager jobs
Your tracker settings

We use cookies and similar methods to recognize visitors and remember their preferences. We also use them to measure ad campaign effectiveness, target ads and analyze site traffic. To learn more about these methods, including how to disable them, view our Cookie Policy or Privacy Policy.

By tapping `Accept`, you consent to the use of these methods by us and third parties. You can always change your tracker preferences by visiting our Cookie Policy.

logo innerThatStartupJob
Discover the best startup and their job positions, all in one place.
Quick SearchSearch JobsSearch Remote Jobs hiring WorldwideSearch Remote Jobs in the USSearch Jobs in IndiaSearch Remote Jobs in UKSearch by Title
AreaCaliforniaMassachusettsNew YorkTexasVirginiaWashington D.C.View all
Popular SubRemote JobsWeb3 JobsiOS Developer JobsFront End Developer Remote JobsComputational Geometry JobsCannabis CareersView all
CompanyAbout UsContact usBlogCreditsCareersPrivacy PolicyCookie Policy
Copyright © 2025