Senior GRC Engineer
Job in Dallas, Dallas County, Texas, 75201, USA
Listed on 2026-06-03
Listing for: Employer Direct Healthcare
Full Time position
Job specializations: IT/Tech; Cybersecurity, Data Security
Job Description
This is not a checkbox compliance role. We are deploying AI across our platform to improve how members access specialty care, and we need a GRC engineer who writes code to solve compliance problems, builds automation that eliminates manual evidence collection, and can govern the AI systems we are actively deploying. If you think in systems, reach for Python before a spreadsheet, and want to shape what a modern GRC function looks like, this role was built for you.
Location:
Hybrid - at least 4 days/wk in our Dallas, TX offices
Responsibilities:
Compliance Automation & Evidence Engineering
* Write scripts (Python, SQL, APIs) to pull evidence directly from source systems (AWS, Azure, IAM platforms, endpoint agents, CI/CD pipelines), eliminating manual evidence collection
* Build and maintain continuous control monitoring workflows integrated into engineering pipelines, not just GRC platforms
* Design compliance-as-code and policy-as-code approaches; own the technical architecture of how controls are tested automatically
* Operate and extend the GRC platform (ServiceNow GRC, Drata, OneTrust, or equivalent) as an engineer, not just a user, including building integrations and automating evidence routing
AI Governance
* Build and maintain Lantern's AI risk register and AI systems inventory, including pre-deployment risk assessments for new AI use cases across our benefits platform in partnership with Engineering and Product
* Implement AI governance controls aligned to the NIST AI RMF, covering model risk, bias, transparency, and accountability, with a bias toward automated monitoring over manual review
* Monitor HHS AI policy, EU AI Act, and state-level regulation; translate emerging requirements into actionable, automatable controls
* Govern AI systems used within the GRC function itself, including any LLM-powered evidence analysis or control monitoring tools
Healthcare Compliance
* Own the HIPAA Privacy and Security compliance program: risk assessments, remediation tracking, workforce training coordination, and ongoing monitoring
* Support HITRUST CSF certification and SOC 2 Type II audit cycles as a technical contributor, building automated evidence pipelines rather than collecting evidence manually
* Map the control environment against NIST CSF; identify gaps and build a prioritized, automatable remediation roadmap
Risk & Vendor Management
* Build and maintain the enterprise risk register with automated KRI tracking and outcome-based reporting for leadership
* Run the third-party risk management (TPRM) program with a continuous monitoring posture: automated vendor monitoring rather than point-in-time assessments
* Conduct vendor risk assessments with emphasis on cloud vendors handling PHI and AI/ML vendors embedding models into products we purchase
Requirements:
* 5+ years in GRC, information security, or compliance engineering, with at least 3 years in healthcare or health-tech
* Demonstrated ability to write code that extracts evidence directly from systems (Azure, IAM, endpoints, APIs), not just configure workflow tools
* Has built something using an LLM or AI framework: a working tool, even a prototype.
* Thinks like an engineer first: sees a manual compliance process and asks how to eliminate it, not how to document it better
Technical Skills:
* Experience with continuous control monitoring, integrating compliance checks into CI/CD or cloud infrastructure
* Working knowledge of Python, SQL, or equivalent for data extraction, risk scoring, and compliance automation
* Experience with cloud security controls in Azure
Certifications (Preferred)
* CISA, CRISC, CISM, or CISSP
* HITRUST CCSFP a strong plus
Strong Candidates Will:
* Build systems, not checklists. Manual processes are temporary; automation is the goal
* Move with urgency and precision, flagging risk before it becomes an issue
* Balance rigor with pragmatism, enabling the organization to move fast while staying protected
* Communicate clearly to both technical and non-technical audiences without losing nuance
* Bring genuine curiosity about AI. Follow the space and have formed opinions
* Embody Lantern's LIGHT pillars (Logic, Inclusion, Grit, Humanity, Truth) in every interaction
Benefits
* Medical Insurance
* Dental Insurance
* Vision Insurance
* Short & Long Term Disability
* Life Insurance
* 401k with company match
* Flexible Time Off
* Paid Parental Leave
Position Requirements: 10+ years work experience