GRC Engineer
Listed on 2026-02-16
IT/Tech
Cybersecurity, Data Security
Payabli’s mission is to enable any software company to become a payments company through its payment infrastructure and monetization platform. With Payabli, software companies can make payments a core part of their business model to drive revenue, enhance customer lifetime value, and boost enterprise value. Our co-founders are serial entrepreneurs who have built and scaled successful technology companies like Revo Pay (acquired), (IPO), and Service Titan.
We are backed by top venture capital investors Fika Ventures, Bling Capital, and TTV Capital.
Payabli is seeking a GRC Engineer to drive our governance, risk, and compliance program by implementing, operating, and continuously improving controls aligned with SOC 2, PCI DSS, ISO, and NIST frameworks. This role partners closely with Security, Engineering, and IT to ensure compliance requirements are operationalized, scalable, and audit ready in a modern cloud and serverless environment.
Key Responsibilities
- Own and maintain the compliance platform (Drata), including control mapping, evidence collection, continuous monitoring, and audit workflows
- Manage control documentation, policies, procedures, and supporting artifacts across multiple compliance frameworks
- Perform risk assessments, vendor security reviews, and control gap analyses, and track remediation through to completion
- Partner with Security, IT, and Engineering teams to ensure technical and administrative controls align with documented policies and compliance requirements
- Support internal and external audits, including SOC 2, PCI DSS, and customer security reviews
- Conduct periodic user access reviews and assist with access governance and RBAC validation
- Develop and maintain compliance reporting, metrics, and executive-ready summaries
- Identify and implement automation opportunities to streamline evidence collection, access reviews, and policy lifecycle management

- Hands-on experience operating and maintaining a compliance platform such as Drata or similar
- Strong understanding of GRC fundamentals, including control design, evidence management, and audit readiness
- Experience performing user access reviews and supporting identity and access governance processes
- Working knowledge of security and compliance frameworks such as PCI DSS, SOC 2, ISO 27001 or ISO 42001, and NIST
- Experience collaborating with technical teams to validate cloud, application, and security controls
- Strong documentation skills with the ability to translate technical controls into clear compliance narratives
- Experience using Wiz or similar cloud security posture management tools
- Familiarity with cloud native and serverless architectures
- Security certification such as Security+, CISSP, CISM, or similar is a plus
- Prior experience in fintech, payments, or regulated SaaS environments

- Build and shape a modern GRC program in a fast-growing fintech
- Work closely with security and engineering in a cloud native environment
- High ownership role with visibility across the organization
- Competitive compensation and benefits with a strong remote-first culture

- Competitive base
- Equity package
- 100% remote (US-based)
- Medical, dental, and vision
- 401(k) program (eligible after 3 months)
- Unlimited PTO
Payabli is an equal opportunity employer and values a diverse, inclusive workplace.
Principals only.
No external agency submissions. Candidates must apply directly; we will not accept submissions from third-party recruiters or staffing agencies.