Engine · 9 hours ago
Staff GRC Analyst
Denver, CO
Full-time
Onsite
Lead/Staff
$126K/yr - $175K/yrEngine is transforming business travel into something personalized and rewarding. They are seeking a highly-skilled Senior GRC Analyst to strengthen their security posture and ensure compliance with critical standards while managing audits and risk assessments across the organization.
Business TravelHospitalityHotelTravel
Responsibilities
Lead the configuration and management of GRC tools (Trust Centers, Learning Management Systems, Compliance Tracking, etc.) to ensure integration with security systems
Manage the main dashboard for SOC 2 reporting, ensuring accuracy and compliance
Develop and maintain a comprehensive risk management program and conduct risk assessments
Manage and conduct regular audits (weekly, monthly, quarterly, and bi-annual) across business, IT, and security processes to ensure best practices and legal compliance
Oversee the development and execution of security procedures across multiple domains
Develop, update, and maintain Contingency Planning strategies and procedures, including coordination of annual tabletop drills
Execute routine operational tasks related to security awareness training
Audit the access and compliance of third-party vendors and contractors
Review procurement requests for security standards and ensure all engagements meet company standards and regulatory requirements
Collaborate cross-functionally to identify and monitor security controls, map security controls to issues and risks, and mature the audit processes related to security controls that apply across multiple security frameworks
Qualification
Required
Proven experience in managing GRC functions, ideally within a fast-paced, high-growth company
Strong understanding of ISO 27001, SOC 2, GDPR, CCPA, PCI-DSS, and SOX compliance standards
Excellent organizational, communication, and leadership skills
Ability to manage complex GRC initiatives and work across multiple teams
Ability to handle high-stress situations and effectively manage IT emergencies
Skilled in using GRC platforms and tools to manage compliance and risk management activities
Strong knowledge of security concepts, including risk management, identity and access management (IAM), key management, data protection, and network security
Track record of building security/GRC programs across various domains
Certifications such as CISA, CISM, CISSP, CRISC, or CCEP
Experience with data protection and privacy law compliance
Familiarity with cloud security components of platforms like AWS, GCP, or Azure
Excellent problem-solving, analytical, and communication skills
Ability to work collaboratively with cross-functional teams, including IT, engineering, and HR teams
A passion for mentoring others
Benefits
Compensation: Competitive base pay tied to role and experience, with opportunities for bonuses, commissions, and equity.
Benefits: Check out our full list at engine.com/culture.
Environments for Success: Different roles have different needs in terms of the environments that drive success which is why we have a hybrid-hub model. Whether you are in one of our amazing offices or fully remote, we'll make sure you have what you need to succeed.
Company
Engine
The modern travel platform for booking and managing business trips
Founded in 2018
1001-5000 employees
H1B Sponsorship
Engine has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2023 (3)
2021 (5)
2020 (1)
Funding
Current Stage
Late StageTotal Funding
$221MKey Investors
PermiraTelescope Partners
2024-09-17Series C· $140M
2021-12-02Series B· $65M
2019-09-05Series A· $16M
Leadership Team
Elia Wallen
Founder & CEO
John Siladie
VP of Data and Platform
Recent News
2025-12-16
Small Business Trends
2025-10-24
Company data provided by crunchbase