GRC Engineer

Remote

Rise8

Elite Software Development for Critical Missions. Because we believe in a tomorrow where fewer bad things happen because of bad software.


Your Dream. Our Team.

About Rise8

We’re transforming the United States Government and we know that takes a dream team. 

We believe customer experience starts with employee experience, so we take care of our employees. We offer competitive pay and benefits, invest in employee growth, and offer a culture you can’t find anywhere else.

At Rise8, we continuously achieve unreached heights through next-level tech, and on-the-level collaboration. Together, we create continuous impact. We turn breakdowns into breakthroughs, make small steps into giant leaps, and deliver game-changing products through culture-changing process.

We pair Risers with their customer counterparts and practice pairing at every moment to elevate people and teams and deliver results fast and forever. We work in small teams and rotate between them frequently so that we are able to meet new challenges and explore new ideas.

Our methodology is about experimenting and learning, and our culture is empowering. We subscribe to an ethos of kindness. We make a point to bring empathy to each and every project and are guided by a promise and a purpose: to deploy critical outcomes to prod in order to drive relentless progress. Not just an idea. But an outcome. A better world. A world where every day, fewer bad things happen because of bad software.

Rise8 is certified as a Great Place to Work with 100% of employees saying they love working here.

About You

  • You want to make tomorrow better than today. 
  • You have a passion for high-speed security and you care about risk management over compliance.
  • You believe the biggest vulnerability in any system is time. You live to securely reduce cycle time.
  • You enjoy daily decision making and real product delivery.
  • You help ensure project success and client satisfaction. 
  • You enjoy collaborative teams, pairing with team members, and inviting your clients to participate. 
  • You like to work alongside, and learn from, lean and agile leaders. 
  • You are a creative problem solver who is comfortable with uncertainty.
  • You are a curious and keen learner who thrives on enhancing your (and our) practices and knowledge.

As a GRC Engineer at Rise8, you will:

  • Play a critical role in designing, deploying, and integrating a modern Governance, Risk, and Compliance (GRC) system supporting a Continuous Authorization to Operate (cATO) program for a U.S. Government agency.
  • Focus on API development, coding, and system integration to ensure seamless operations in a dynamic cloud-native environment.
  • Bring expertise in automating security and compliance processes, integrating with services like AWS and CI/CD pipelines, and leveraging APIs to create an efficient and scalable solution in alignment with federal cybersecurity standards.

Responsibilities 

  • Develop, test, and implement the GRC solution, focusing on robust API design and integration with the agency’s systems, including AWS services, CI/CD pipelines, and cloud-native technologies.
  • Transition data and services from legacy GRC platforms to a modern, API-driven cATO environment.
  • Collaborate with developers to create and maintain secure and efficient API endpoints, ensuring system interoperability.
  • Develop scripts and API-driven workflows to support control inheritance and streamline compliance operations.
  • Design and implement API-based solutions to manage security and privacy artifacts, ensuring accurate documentation and compliance with federal cybersecurity policies.
  • Configure API solutions to enable real-time interaction with the GRC system and external services.
  • Work with GRC Automation Leads and System Administrators to script and automate RMF processes, ensuring smooth integration from the agency’s DevSecOps environment into the new GRC platform.
  • Build API connectors to integrate GRC tools with external platforms, enabling continuous monitoring and streamlined workflows.
  • Partner with cloud engineers, security teams, and developers to implement API-centric solutions supporting the overall cATO framework.
  • Advocate for best practices in API security and coding standards while enabling seamless team collaboration.
  • Develop and maintain API-driven dashboards for real-time system monitoring, authorization status, NIST 800-53 control compliance, vulnerability analysis, and automated assessments for cATO systems.    

Preferred Qualifications: 

  • Bachelor’s degree in Information Technology, Cybersecurity, Software Engineering, or a related field.
  • 4+ years of experience in API development, coding, and workflow automation for system integration and security compliance.
  • Proficiency in programming languages like Python, JavaScript, or similar for API and system integration tasks.
  • Strong understanding of cloud-native technologies, preferably AWS.
  • Expertise in NIST RMF processes, NIST SP 800-53 Rev. 5 controls, and federal cybersecurity policies.
  • Hands-on experience automating security controls and building API integrations in DevSecOps environments.
  • Familiarity with API security best practices, including authentication, authorization, and secure data handling.

Salary 

  • The annual salary range for this role as it is posted is $115,688 - $150,000 regardless of final candidate location within the United States. The final job level and annual salary will be determined based on the education, qualification, knowledge, skills, ability, and experience of the final candidate(s), and calibrated against relevant market data and internal team equity. 

Benefits

  • Flexible schedule in a 100% distributed workforce 
  • Premium Insurance: We cover up to 100% of the employee premium and up to 80% of the combined dependent premium on our base health plan, depending on pay band. We also cover 100% of the premium for employee and dependent Dental and Vision as well as employee premiums for Life and Disability coverage.
  • Retirement: 401k match at 10% gross pay.
  • Paid time off (PTO): 4 weeks combined accrued vacation and sick leave, 10 Federal holidays, your birthday, jury duty, and bereavement.
  • Education & Training: Accrued budget of up to $3,500 per year for classes, travel, events, and materials.
  • Home Office and Merch: We offer $750 per year for home office technology and equipment as well as $100 per year for Rise8 merch from our Swag Store.
  • Wellness Budget: To encourage and support a well-rounded healthy lifestyle, we cover 100% reimbursement on a variety of wellness activities and products, up to $500 per calendar year. 
  • Rise8 is part of the Life Time Corporate Partner program. In lieu of your $500 annual wellness benefit, you can instead get a $75 monthly credit towards a Life Time membership ($900 annual benefit).
  • Equipment: We offer a MacBook Pro.

All of Rise8’s work in this area is with Federal Government customers that require our employees involved with their projects be U.S. citizens. As such, this role requires U.S. citizenship. If hired, you would also be required to go through a background investigation.


Rise8 is an Equal Employment Opportunity employer that will consider you for this role regardless of race, color, religion, gender, sexual orientation, marital status, gender identity or expression, national origin, genetics, age, disability status, protected veteran status, or any other characteristic protected by applicable law.


Tags: Agile APIs Automation AWS CI/CD Cloud Compliance DevSecOps Governance Government agency JavaScript Monitoring NIST NIST 800-53 Privacy Python Risk management RMF

Perks/benefits: 401(k) matching Career development Competitive pay Equity / stock options Flex hours Flex vacation Gear Health care Insurance Team events Travel Wellness

Region: Remote/Anywhere
