More jobs:
GRC Engineer
Job in
Saint Petersburg, Pinellas County, Florida, 33701, USA
Listed on 2026-06-02
Listing for:
Dynasty Financial Partners
Full Time
position Listed on 2026-06-02
Job specializations:
-
IT/Tech
Data Security, Cybersecurity, Information Security
Job Description & How to Apply Below
Description
Job Overview:
Dynasty Financial Partners is seeking an experienced, and technically hands-on Data GRC Engineer to join our Information Technology team. In this role, you will help design and execute enterprise-wide data controls, AI governance initiatives, and compliance infrastructure. You will configure and manage DLP policies, build data classification and sensitivity labeling frameworks, engineer detection and remediation pathways for AI control failures. In parallel, you will run our SOC 2 Type II internal evidence-gathering process and manage continuous vendor monitoring, ensuring the organization maintains a strong security and compliance posture.
This role operates within our Microsoft-centric technology environment and requires hands-on familiarity with the Microsoft ecosystem.
Job Duties:
* Help with the design, implementation, and continuous improvement of the enterprise data and AI governance framework, including policies, standards, operating procedures, and controls aligned with standard frameworks.
* Help build and maintain a master inventory of critical data elements, data owners, authoritative sources, and data lineage across the organization to determine how it flows through systems, products, and AI models.
* Help build and maintain a Data Loss Prevention program that incorporates AI data.
* Help design a feedback system for AI systems to roll into the vulnerability management process.
* Consume CASB data to manage proper responses and policies.
* Collaborate with cross-functional stakeholders (Engineering, Product, Finance, Operations, etc.) to investigate root causes of any failure to controls and prevent recurrence
* Establish and report on data governance KPIs, quality scorecards, and maturity metrics to tech leadership
* Champion data stewardship across business units by training data owners on governance responsibilities and best practices
Security, Compliance & Third Party Management
* Manage the internal SOC 2 Type II evidence-gathering process end-to-end: coordinate with control owners, collect and organize audit evidence, track remediation items, and liaise with external auditors
* Develop and maintain data security policies and procedures aligned with SOC 2 Trust Services Criteria and organizational risk tolerance
* Own the continuous monitoring program for third-party vendors, including periodic risk assessments, security questionnaire reviews, and contract compliance verification
* Partner with PMO, Infrastructure/Cyber, and vendor management to evaluate new vendors and ensure data protection obligations are clearly defined in agreements
* Monitor regulatory developments and emerging compliance requirements that affect data handling, privacy, and security practices; recommend and implement necessary changes
* Maintain a compliance calendar to ensure all cyclical audit, assessment, and reporting obligations are met on time
Microsoft Ecosystem & Tooling
* Leverage Microsoft technology stack to support governance and compliance objectives, including but not limited to:
* Microsoft Purview for data cataloging, classification, lineage, and sensitivity labeling
* Microsoft 365 Compliance Center for data loss prevention (DLP), retention policies, and information protection
* Microsoft Cloud Application Security
* Entra access governance and identity management
* Power BI for data quality dashboards and governance reporting
* SharePoint / Teams for policy documentation, collaboration, and evidence management workflows
* Experience with data lakes is a plus
Collaboration & Projects
* Partner with external auditors, MSPs, and software providers to resolve compliance gaps and implement solutions
* Collaborate with internal departments on cross-functional data governance and security initiatives
* Respond promptly to critical data integrity or compliance incidents as needed
Requirements
Requirements:
Experience & Certifications
* 4-7+ years of progressive experience in data governance, data management, data quality, or related discipline
* 2+ years of direct experience with SOC 2 compliance - specifically internal evidence gathering, control documentation, and audit coordination
*…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×