BrightDrop - Senior Security Governance, Risk and Compliance Engineer

  • Palo Alto
  • Engineering
  • Full time
  • JR-202301843


At BrightDrop, we are reshaping e-commerce by developing smarter, greener, and more efficient ways to deliver goods and services to your door, while delivering a brighter future for the cities where we live. We are building an ecosystem of all-electric, zero-emissions delivery solutions – from electric vehicles, to ePallets and software that leverages real-time data to drive intelligent optimizations for e-commerce. To deliver on our mission we are growing fast and building a team, based in Palo Alto, with offices in Atlanta and Detroit, that is customer-focused, agile and passionate about innovating for a more sustainable future.  

From engineering to product management and operations, BrightDrop is looking for people who can combine a passion for technology and sustainability with high doses of curiosity and rigorous thinking to deliver a better future. 

Backed by General Motors, BrightDrop is striving to improve the communities where we live and deliver a better future for generations to come. We hope you’ll join us.

The Security team at BrightDrop ensures the security of our products and services and serves as the domain experts for our engineering and IT teams in protecting our customers’ data in today’s dynamic threat landscape. We are a team of highly skilled security engineers who specialize in security research, penetration testing, security architecture, risk and compliance. We evaluate a broad range of technologies including complex web applications, IoT platforms, distributed processing, cloud environments and isolation of untrusted code.
As a Senior GRC Engineer, you will be responsible for designing, implementing, and maintaining a comprehensive Governance, Risk and Compliance program.

Roles and Responsibilities 

  • Develop and enforce security policies and procedures, performing risk assessments and security audits, and ensuring compliance with relevant laws and regulations
  • Drive security compliance across our organization, improve the risk management function, and build trust with stakeholders to improve control maturity & accountability
  • Work directly with Engineering, IT and legal teams to design efficient, performant controls in a cloud-first environment that meet our compliance needs (NIST, SOC 2, ISO, GDPR, etc.)
  • Implement control-monitoring automation and risk telemetry (evidence collection, state monitoring, posture change alerting) via GRC tools and compliance-as-code.
  • Define security risk & compliance program objectives, identify key metrics, cultivate relationships with stakeholders, and report quantifiable progress to leadership
  • Perform vendor security reviews
  • Manage disaster recovery and business continuity plans and drills

Additional Description

Basic Qualifications:

  • Master’s or Bachelor’s degree in Computer Science or EE is required
  • 8+ years of progressively responsible work experience in Security governance, risk, and compliance, security assurance, or third-party risk and customer trust
  • 3+ years of experience in designing and developing automation
  • CISSP and CISM certified
  • Deep technical understanding of best practices for implementing cloud-native controls for SOC2, ISO, NIST, GDPR compliance in a fast-paced environment
  • Experience developing and managing security policies and standards
  • Experience conducting vendor security reviews
  • Experience managing disaster recovery and business continuity programs
  • At least 1 year of Azure Cloud experience

The expected base compensation for this role is: ($132,330 - $197,910 USD Annual). Actual base compensation within the identified range will vary based on factors relevant to the position.

Bonus Potential: An incentive pay program offers payouts based on company performance, job level, and individual performance.

Benefits: GM offers a variety of health and wellbeing benefit programs. Benefit options include medical, dental, vision, Health Savings Account, Flexible Spending Accounts, retirement savings plan, sickness and accident benefits, life insurance, paid vacation & holidays, tuition assistance programs, employee assistance program, GM vehicle discounts and more.

About GM

Our vision is a world with Zero Crashes, Zero Emissions and Zero Congestion and we embrace the responsibility to lead the change that will make our world better, safer and more equitable for all.

Why Join Us 

We aspire to be the most inclusive company in the world. We believe we all must make a choice every day – individually and collectively – to drive meaningful change through our words, our deeds and our culture. Our Work Appropriately philosophy supports our foundation of inclusion and provides employees the flexibility to work where they can have the greatest impact on achieving our goals, dependent on role needs. Every day, we want every employee, no matter their background, ethnicity, preferences, or location, to feel they belong to one General Motors team.

Benefits Overview

The goal of the General Motors total rewards program is to support the health and well-being of you and your family. Our comprehensive compensation plan includes the following benefits, in addition to many others:
• Paid time off including vacation days, holidays, and parental leave for mothers, fathers and adoptive parents;
• Healthcare (including a triple tax advantaged health savings account and wellness incentive), dental, vision and life insurance plans to cover you and your family;
• Company and matching contributions to 401K savings plan to help you save for retirement;
• Global recognition program for peers and leaders to recognize and be recognized for results and behaviors that reflect our company values; 
• Tuition assistance and student loan refinancing;
• Discount on GM vehicles for you, your family and friends.

Diversity Information

General Motors is committed to being a workplace that is not only free of discrimination, but one that genuinely fosters inclusion and belonging. We strongly believe that workforce diversity creates an environment in which our employees can thrive and develop better products for our customers. We understand and embrace the variety through which people gain experiences whether through professional, personal, educational, or volunteer opportunities. GM is proud to be an equal opportunity employer.

We encourage interested candidates to review the key responsibilities and qualifications and apply for any positions that match your skills and capabilities.

Equal Employment Opportunity Statements

The policy of General Motors is to extend opportunities to qualified applicants and employees on an equal basis regardless of an individual's age, race, color, sex, religion, national origin, disability, sexual orientation, gender identity/expression or veteran status. Additionally, General Motors is committed to being an Equal Employment Opportunity (EEO) Employer and offers opportunities to all job seekers including individuals with disabilities. If you need a reasonable accommodation to assist with your job search or application for employment, email us at . In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying.