Job Details
Location: San Jose, California, United States
Salary: Not specified
Company: ApnaWorker
Galaxy i Technologies is looking for a GRC Engineer who brings strong software engineering expertise along with security and compliance knowledge. Role Overview: We are seeking a hands-on GRC Engineer with expertise in backend development, cloud technologies, security engineering, and compliance automation. This role is ideal for professionals who enjoy building systems rather than only managing policies or audits. Key Responsibilities: Develop secure backend services and REST APIs using Python; build and support microservices-based applications; design and implement scalable solutions using Docker and Kubernetes; integrate security and compliance controls into CI/CD pipelines; build compliance automation, governance workflows, and audit-ready systems; implement RBAC, IAM, encryption, audit logging, and secure coding practices; collaborate with security, compliance, and engineering teams; develop risk and control platforms with strong database integrations. Required Skills: Strong experience in Python backend development and REST APIs; hands-on experience with microservices architecture; expertise in Docker, Kubernetes, and AWS; knowledge of compliance frameworks such as SOC2, ISO 27001, NIST, and FedRAMP; experience building compliance automation and governance platforms; strong understanding of security concepts including OAuth2/JWT, IAM, RBAC, and encryption; experience with SQL/NoSQL databases (PostgreSQL, MongoDB, Oracle, etc.); DevSecOps experience and secure SDLC practices. Preferred Skills: Node.js, React.js, FastAPI, or Flask; Terraform or Infrastructure as Code experience; Prometheus, Grafana, Datadog, or CloudWatch; AI-driven compliance automation exposure; experience in regulated industries such as Banking, Healthcare, or FinTech; data governance and audit traceability knowledge. Important: This is a highly technical GRC Engineering role. We are specifically seeking candidates with strong development, cloud engineering, and system-building experience. Pure audit, governance-only, or SOC analyst profiles without hands-on engineering expertise will not be considered. Work Mode: 100% Onsite.