Security GRC Engineer

Security GRC Engineers design, implement, and scale our governance, risk, and compliance (GRC) program. You will lead automation of compliance workflows, build self-serve tools to enable GTM teams, and ensure our products and infrastructure meet the highest security standards. This role combines technical implementation with strategic program development, directly shaping how we build trust with customers. Check below to see if you have what is needed for this opportunity, and if so, make an application asap. Overview Security GRC Engineers design, implement, and scale our governance, risk, and compliance (GRC) program. You will lead automation of compliance workflows, build self-serve tools to enable GTM teams, and ensure our products and infrastructure meet the highest security standards. This role combines technical implementation with strategic program development, directly shaping how we build trust with customers. You might be a fit if… Experience with GRC frameworks (SOC 2, ISO 27001, ISO 27701, ISO/IEC 42001). Hands-on technical skills to automate compliance workflows and integrate with engineering systems. Proven ability to balance technical implementation with program strategy. Strong cross-functional collaboration skills, especially with engineering, GTM, and auditors. Sample projects include: Automate evidence gathering and continuous control testing. Optimize compliance monitoring and alerting systems; provide guidance on remediation. Generate security program KPIs and maintain a platform for documenting risks, controls, and assessments. Build self-serve tools and automation to streamline customer security diligence. Support GTM teams by providing scalable ways to address customer security concerns. Maintain corporate security policies and map them to relevant frameworks. Draft security best practices and drive company-wide awareness and training programs. Lead the development and maturity of GRC strategies aligned with SOC 2, ISO 27001, ISO/IEC 42001, and related standards. Partner with auditors, regulators, and business stakeholders to define and implement security requirements and controls. Conduct security compliance reviews for new products, features, and vendors. About We're Anysphere, the team behind Cursor. Our mission is to automate coding. The first step in our journey is to build the best tool for professional programmers, using a combination of inventive research, design, and engineering. We're a group of engineers and scientists who've built beloved products, created large OSS projects, started at-scale businesses, won olympiad medals, and published significant research (e.g. tmm1, ian, luke, phil, federico, aman, sualeh). Our organization is very flat, and our team is small and talent dense. We particularly like people who are truthseeking, passionate, and creative. We enjoy spirited debate, crazy ideas, and shipping code. We're in-person with cozy offices in North Beach, San Francisco and Manhattan, New York, replete with well-stocked libraries. Our investors include Andreessen Horowitz, OpenAI, Jeff Dean, John Schulman, and the founders of Stripe and Github. Applying If there appears to be a fit, we'll reach to schedule 2-3 short technicals. After, we'll schedule an onsite in our office, where you'll work on a small project, discuss ideas, and meet the team. Join us to build the future of coding Help us advance the research that powers AI-assisted development Full Name * Email Address * Resume * LinkedIn Profile (optional) Tell us about a project you're proud of. Share the technical challenges, your approach, and what made it meaningful to you. *#J-18808-Ljbffr