Every community deserves to be safe, it’s a fundamental right. Our mission is simple - to build technology that reduces crime and protects privacy. Flock partners with cities, businesses, schools, and neighborhoods to help protect where people live, work, and play. Last year, Flock technology supported over 1 million criminal investigations, helped solve approximately 20% of reported crimes in areas where it is deployed, and played a role in locating more than 10,000 missing people.
We are a high-performance team united by urgency, ownership, and a shared commitment to meaningful impact. The work is fast-paced and the expectations are high. We push beyond perceived limits, support each other, and hold ourselves accountable to delivering results that matter.
With over $1B in funding and an $8.3B valuation, we are scaling with intention and investing in the people who will help us build what others said could not be done. At Flock, you will find the opportunity to grow quickly, take on real responsibility, and contribute to something bigger than yourself.
We are hiring a Senior GRC Engineer to build and scale an engineering-driven, automation-first, and AI-enabled approach to Governance, Risk, and Compliance (GRC).
This role goes far beyond traditional GRC. You will design and implement intelligent, automated systems that integrate directly into our engineering and cloud environments—transforming compliance from a manual, point-in-time exercise into a continuous, real-time capability.
You will leverage automation, data pipelines, and emerging AI/LLM capabilities to reduce manual effort, improve signal quality, and enable proactive risk management.
This is a high-impact role at the intersection of security engineering, compliance, and data—helping evolve GRC into a measurable, scalable, and product-aligned function.
Build GRC Engineering Capabilities
Design and implement policy-as-code and compliance-as-code frameworks
Automate control testing and evidence collection using cloud and CI/CD telemetry
Integrate GRC processes with engineering tools and workflows
Develop reusable tooling and internal platforms for scalable, self-service compliance
Build and deploy production-grade automation leveraging LLMs and AI tooling (e.g., for control mapping, evidence analysis, and anomaly detection)
Own the design, development, and maintenance of core GRC automation systems and services
Drive Risk Visibility and Measurement
Develop KPIs and KRIs using engineering and cloud data
Support risk quantification efforts using frameworks such as FAIR
Maintain and improve the security risk register
Apply data modeling and AI techniques to identify emerging risks and reduce false positives
Build automated risk scoring and prioritization models using real-time engineering and security data
Support Audits and Certifications
Lead and support audits including SOC 2, ISO 27001, ISO 27701, FedRAMP and CJIS
Build automated audit readiness and continuous compliance processes
Serve as a key point of contact for internal and external auditors
Partner Across the Business
Work with Product and Engineering teams on security and privacy requirements
Support customer security reviews, RFIs, and trust center initiatives
Collaborate with Legal and Privacy teams on regulatory alignment
Third-Party Risk Management
Automate vendor assessments using AI-assisted questionnaire analysis and response validation
Build workflows to ingest, analyze, and score third-party risk data at scale
Experience
5+ years in GRC, security engineering, or related roles
Experience working in cloud-native environments, AWS is a must
Experience supporting audits such as SOC 2, ISO 27001, or similar
Relevant certifications such as CISA, CRISC, FAIR, AWS Security Specialty, ISO 27001/42001 Lead Auditor certifications a plus
Technical Skills
Experience integrating security and compliance into CI/CD pipelines
Ability to work with APIs, automation tools, or scripting languages
Experience implementing policy-as-code, compliance-as-code, or security-as-code frameworks
Familiarity with tools such as Terraform, CloudFormation, or similar IaC frameworks
AI & Automation Mindset
Thinks in terms of systems and scale, not manual tasks—automating repetitive work wherever possible
Curious about and experienced with applying AI to operational problems, especially in security or compliance
Comfortable experimenting with emerging technologies and rapidly evolving tooling
Focused on signal over noise, reducing manual overhead while increasing accuracy
GRC Expertise
Strong understanding of frameworks such as SOC2 Type II, NIST 800-53, ISO 27001, and CJIS
Experience with third-party risk management and vendor assessments
Ability to translate regulatory requirements into technical controls
Mindset
Automation-first thinking
Strong problem-solving skills and ownership mentality
Ability to balance security, compliance, and business needs
Ability to collaborate effectively with engineering, security, and business stakeholders
GRC processes are automated and integrated into engineering workflows
Audit readiness becomes continuous rather than periodic
Risk is measured using real-time data and clear metrics, tied to revenue
Engineering teams experience GRC as an enabler, not a blocker
Customer trust and security assurance scale with company growth
Manual GRC processes are replaced with intelligent, automated workflows
AI-assisted systems reduce audit preparation time and improve evidence quality
GRC insights directly influence engineering prioritization and business decision-making
Feeling uneasy that you haven’t ticked every box? That’s okay; we’ve felt that way too. Studies have shown women and minorities are less likely to apply unless they meet all qualifications. We encourage you to break the status quo and apply to roles that would make you excited to come to work every day.
We prescribe to 90 day plans and believe that good days lead to good weeks, which lead to good months. This serves as a preview of the 90 day plan you will receive if you were to be hired in this role at Flock.
The First 30 Days
Ramp on systems, architecture, and existing GRC processes
Build relationships with Engineering, Security, and Legal
Identify initial automation opportunities
The First 60 Days
Begin implementing automation for control testing and evidence collection
Contribute to audit readiness and ongoing compliance efforts
Define KPIs/KRIs for risk visibility
90 Days & Beyond
Deliver measurable improvements in GRC automation and efficiency
Launch initial AI-assisted workflows
Influence roadmap for long-term GRC engineering strategy using a crawl, walk, run approach
In this role, you’ll receive a starting salary between $130,000 and $150,000 as well as Flock Stock Options. Base salary is determined by job-related experience, education/training, as well as market indicators. Your recruiter will discuss this in-depth with you during our first chat.
We’re building the impossible, together. To drive innovation through in-person collaboration, we’re prioritizing candidates in our key hubs: Atlanta, Austin, Boston, Chicago, Denver, Los Angeles, New York City, and San Francisco. While we value the energy of our hub communities, we embrace remote work and welcome applications from exceptional talent across the United States.
🌴Flexible PTO: We offer non-accrual PTO, plus 11 company holidays.
⚕️Fully-paid health benefits plan for employees: including Medical, Dental, and Vision and an HSA match.
đź‘ŞFamily Leave: All employees receive 12 weeks of 100% paid parental leave. Birthing parents are eligible for an additional 6-8 weeks of physical recovery time.
🍼Fertility & Family Benefits: We have partnered with Maven, a complete digital health benefit for starting and raising a family. Flock will provide a $50,000-lifetime maximum benefit related to eligible adoption, surrogacy, or fertility expenses.
🧠Spring Health: Spring Health offers a variety of mental health benefits, including therapy, coaching, medication management, and digital tools, all tailored to each individual's needs.
đź’–Caregiver Support: We have partnered with Cariloop to provide our employees with caregiver support.
đź’¸Carta Tax Advisor: Employees receive 1:1 sessions with Equity Tax Advisors who can address individual grants, model tax scenarios, and answer general questions.
đź’šERGs: We want all employees to thrive and feel like they belong at Flock. We offer four ERGs today - Women of Flock, Flock Proud, LEOs and Melanin Motion. If you are interested in talking to a representative from one of these, please let your recruiter know.
đź’»WFH Stipend: $150 per month to cover the costs of working from home.
đź“šProductivity Stipend: $300 per year to use on Audible, Calm, Masterclass, Duolingo and so much more.
🏠Home Office Stipend: A one-time $750 to help you create your dream office.
Flock is an equal opportunity employer. We celebrate diverse backgrounds and thoughts and welcome everyone to apply for employment with us. We are committed to fostering an environment that is inclusive, transparent, and collaborative. Mutual respect is central to how Flock operates, and we believe the best solutions come from diverse perspectives, experiences, and skills. We embrace our differences and know that we are stronger working together.
If you need assistance or an accommodation due to a disability, please email us at recruiting@flocksafety.com. This information will be treated as confidential and used only to determine an appropriate accommodation for the interview process.
At Flock, we compensate our employees fairly for their work. Base salary is determined by job-related experience, education/training, as well as market indicators. The range above is representative of base salary only and does not include equity, sales bonus plans (when applicable) and benefits. This range may be modified in the future. This job posting may span more than one career level.
Flock is aware of fraudulent individuals and agencies falsely claiming to represent our company. All legitimate communication from Flock will come from an email address ending in @flocksafety.com. We do not make job offers through messaging apps, social platforms, or unauthorized third parties, and we will never request payment or sensitive personal information during the hiring process. If you encounter suspicious outreach related to a Flock role, please report it to recruiting@flocksafety.com
Loading similar jobs...
Discover fully remote job opportunities in the United States at USA Remote Jobs. Apply for roles like Software Developer, Customer Service Specialist, Project Manager, and more!