GRC Analyst
Listed on 2026-02-18
IT/Tech
Cybersecurity, IT Consultant, Information Security
About Engine
At Engine, we're transforming business travel into something personalized, rewarding, and simple. For too long, managing travel and spend has been overwhelming and fragmented — we're here to change that. We believe the future of travel should be seamless and powered by technology that delights customers at every step. That's why we're building a platform that brings together corporate travel, a powerful charge card, and modern spend management in one place.
To make this vision real, we're looking for exceptional, mission-driven people to help redefine how businesses manage and experience travel.
More than 20,000 companies already rely on Engine to support over 1 million travelers and billions in bookings each year. Cash flow positive with rapid growth, we pair exclusive Engine-only rates, industry-leading rewards, and intelligent automation to help businesses save money while delivering world-class personalization and convenience.
Backed by Telescope Partners, Blackstone, and Permira, Engine has been recognized as one of the fastest-growing travel and fintech platforms in North America, with honors including the Deloitte Fast 500 and Built In's Best Places to Work.
Engine is seeking a highly skilled and motivated Senior GRC (Governance, Risk, and Compliance) Analyst to join our team. In this role, you will be responsible for strengthening our security posture, ensuring compliance with critical standards such as SOC 2, GDPR, and CCPA, and managing audits, risk assessments, and compliance tracking across the organization. You will work closely with senior leadership, employees, and external auditors to ensure that Engine adheres to best practices in governance, risk management, and compliance.
Your Mission
As part of the Engine team, you'll play a vital role in an environment where innovation meets collaboration. Here's what you'll take charge of:
- Lead the configuration and management of GRC tools (Trust Centers, Learning Management Systems, Compliance Tracking, etc.) to ensure integration with security systems.
- Manage the main dashboard for SOC 2 reporting, ensuring accuracy and compliance.
- Develop and maintain a comprehensive risk management program and conduct risk assessments.
- Manage and conduct regular audits (weekly, monthly, quarterly, and bi-annual) across business, IT, and security processes to ensure best practices and legal compliance.
- Oversee the development and execution of security procedures across multiple domains.
- Develop, update, and maintain Contingency Planning strategies and procedures, including coordination of annual tabletop drills.
- Execute routine operational tasks related to security awareness training.
- Audit the access and compliance of third-party vendors and contractors.
- Review procurement requests for security standards and ensure all engagements meet company standards and regulatory requirements.
- Collaborate cross-functionally to identify and monitor security controls, map security controls to issues and risks, and mature the audit processes related to security controls that apply across multiple security frameworks.
We're looking for someone who's ready to make an impact and grow alongside us:
- Proven experience in managing GRC functions, ideally within a fast-paced, high-growth company.
- Strong understanding of ISO 27001, SOC 2, GDPR, CCPA, PCI‑DSS, and SOX compliance standards.
- Excellent organizational, communication, and leadership skills.
- Ability to manage complex GRC initiatives and work across multiple teams.
- Ability to handle high-stress situations and effectively manage IT emergencies.
- Skilled in using GRC platforms and tools to manage compliance and risk management activities.
- Strong knowledge of security concepts, including risk management, identity and access management (IAM), key management, data protection, and network security.
- Track record of building security/GRC programs across various domains.
- Certifications such as CISA, CISM, CISSP, CRISC, or CCEP.
- Experience with data protection and privacy law compliance.
- Familiarity with cloud security components of platforms like AWS, GCP, or Azure.
- Excellent problem-solving, analytical,…