
Security GRC Engineer at Employment Hero

Location Information: Australia - Remote

Who we are

Employment Hero is on a mission to make employment easier and more valuable for everyone. Our Employment Operating System brings hiring, HR, payroll and benefits into an all-in-one solution.

Since our inception in 2014, we’ve scaled to a $2 billion valuation and gained a presence in 6 countries globally - Australia, New Zealand, Singapore, Malaysia, the UK and Canada. We now service over 300,000 businesses and more than 2 million employees.

The EH Way

At Employment Hero, we’re proud of our unique DNA, which we call The EH Way.

- We are Mission First - everything we do (from what we work on, to how we allocate capital and where we focus) is driven by our Mission.
- We are Remote First - we champion a remote environment with a preference for asynchronous communication and a high degree of autonomy.
- We are AI First - we are committed to using AI to accelerate our mission; AI is not just a tool, it’s a fundamental part of how we operate, innovate, and scale.
- We are Apolitical - we do not take a position on political or social topics, unless it relates to our Mission.
- We Live by Our Values - we role model our values 100% of the time.
- We Expect High Performance - we set a high standard and we’re not satisfied with being average.

This role

We’re looking for a Security GRC Engineer to help us embed governance, risk, and compliance directly into our engineering workflows. This role moves beyond traditional compliance coordination—focusing instead on building scalable, automated, and stakeholder-friendly security and risk capabilities.

You’ll be part of a team driving continuous assurance, risk-informed decision-making, and compliance-by-default design, helping ensure that security supports—not slows—our innovation and product velocity.

If you have been working on GRC automation and enjoy hands-on scripting work, or are simply a developer looking to build your career in the GRC space, this is the role for you.

Your key focus areas will be:

- Integrate GRC into engineering - Work closely with development, DevOps, and product teams to implement shift-left security and GRC-as-Code practices.
- Automate security controls and evidence collection - Design and maintain automated compliance checks, policy-as-code, and continuous monitoring systems.
- Enhance stakeholder experience - Build security and GRC solutions that are seamless and empathetic to how teams actually work.
- Support compliance frameworks - Help maintain ISO 27001, SOC 2, and other standards by embedding controls into workflows rather than bolting them on after the fact.
- Monitor and measure risk - Use data and quantitative metrics to guide risk decisions and report meaningful outcomes—not just pass audits.
- Drive continuous improvement - Identify gaps, remove friction, and prototype better ways of achieving GRC outcomes through system design and process iteration.
- Contribute to GRC handbook - Participate in internal knowledge-sharing, open-source projects, and the broader GRC engineering ecosystem.
- Automate security controls and evidence collection - Design and maintain automated compliance checks, policy-as-code, and continuous monitoring systems. This includes building automation using tools like n8n and integrating with Slack to facilitate timely reminders and improve workflow visibility.

Who you are

To thrive at Employment Hero, you’ll need to embody The EH Way - operating with focus, agility, and an obsession with impact. For this role, you'll have:

- A strong GRC automation mindset with hands-on scripting experience.
- Dependabot usage for compliance and vulnerability management workflows.
- Jira/Slack integration and automation for audit traceability.
- Familiar with LLMs and n8n for AI-driven process improvement.
- Strong understanding of ISO 27001, SOC 2 frameworks.
- Able to translate technical risk into clear, actionable language.
- Focused on scalable, sustainable security governance practices.

Bonus Points If You Have

- Experience building or contributing to internal tools or open-source GRC projects.
- A product or stakeholder-centric view of security and compliance.
- Exposure to security tooling like Vanta, Drata or custom internal platforms.
- Experience operating in fast-paced, product-led tech environments.

What we can offer

At Employment Hero, we don’t just talk about a better way to work - we live it. Joining Employment Hero means:

- You will work remotely, with the flexibility to own your time and impact.
- You will access cutting-edge tools to amplify your work, knowledge and outputs.
- You’ll surround yourself with ambitious, outcome-driven colleagues who challenge you to do the best work of your life.
- You’ll own ESOP (employee share options) in one of the world’s fastest-growing tech companies.
- You’ll also have access to a wide range of benefits that includes - a very generous paternity leave policy, subsidised egg freezing (so you can make the choice that’s right for you, on your terms), a WFH office expense budget, and outstanding learning & development opportunities.

At Employment Hero, we are committed to safeguarding the privacy of your application data. To understand how we do so, you can read our Applicant Privacy Policy here - https://employmenthero.com/legals/applicant-policy/

Employment Hero celebrates diverse perspectives and experiences, and we invite people of all backgrounds and identities to apply for this position.