Your primary responsibility will be to design products, services, and infrastructure that support and strengthen our technical security Governance, Risk, and Compliance (GRC) strategy. You will build infrastructure and tooling that apply regulatory requirements and security framework controls across our distributed environment. Additionally, you will help drive scalable and consistent engineering practices that address security, risk, and compliance requirements.

Key responsibilities include:

• Designing products, services, and infrastructure that support and strengthen our technical security GRC strategy
• Building infrastructure and tooling that apply regulatory requirements and security framework controls across our distributed environment
• Helping drive scalable and consistent engineering practices that address security, risk, and compliance requirements

Requirements include:

• Experience as a software engineer with development experience in an object-oriented programming language such as Java
• Comfortable with data engineering
• Experience writing distributed, high-volume services and deploying and operating them in production
• Deep understanding of system design, data structures, and algorithms
• Hands-on experience implementing security controls and safeguards in software systems, working within cybersecurity and security GRC frameworks
• Excellent written and verbal communication skills, including experience meeting and presenting to senior leaders and non-technical stakeholders

This role is based in London or Stockholm, with flexibility to work from home. We offer a competitive salary and benefits package.

XML job scraping automation by YubHub

Security GRC Engineers design, implement, and scale our governance, risk, and compliance (GRC) program. You will lead automation of compliance workflows, build self-serve tools to enable GTM teams, and ensure our products and infrastructure meet the highest security standards. This role combines technical implementation with strategic program development, directly shaping how we build trust with customers.

You may be a fit if

• You have experience with GRC frameworks (SOC 2, ISO 27001, ISO 27701, ISO/IEC 42001).
• You have hands-on technical skills to automate compliance workflows and integrate with engineering systems.
• You have proven ability to balance technical implementation with program strategy.
• You have strong cross-functional collaboration skills, especially with engineering, GTM, and auditors.

Sample projects include

• Automate evidence gathering and continuous control testing.
• Optimise compliance monitoring and alerting systems; provide guidance on remediation.
• Generate security program KPIs and maintain a platform for documenting risks, controls, and assessments.
• Build self-serve tools and automation to streamline customer security diligence.
• Support GTM teams by providing scalable ways to address customer security concerns.
• Maintain corporate security policies and map them to relevant frameworks.
• Draft security best practices and drive company-wide awareness and training programs.
• Lead the development and maturity of GRC strategies aligned with SOC 2, ISO 27001, ISO/IEC 42001, and related standards.
• Partner with auditors, regulators, and business stakeholders to define and implement security requirements and controls.
• Conduct security compliance reviews for new products, features, and vendors.

Benefits

• Competitive salary
• Opportunity to work with a talented team
• Professional development and growth opportunities
• Flexible working hours

Requirements

• Will you now or in the future require visa sponsorship to work in the country where this position is located?
• Has someone at Cursor referred you for this role? If so, please include their email here

XML job scraping automation by YubHub