GRC Engineer – Compliance Automation

We're looking for problem solvers, innovators, and dreamers who are searching for anything but business as usual. Like us, you're a high performer who's an expert at your craft, constantly challenging the status quo. You value inclusivity and want to join a culture that empowers you to show up as your authentic self. You know that success hinges on commitment, that our differences make us stronger, and that the finish line is always sweeter when the whole team crosses together.

Alteryx is seeking a technically inclined GRC Engineer to help build, automate, and optimize our global compliance and risk management ecosystem. This role will focus on developing workflows, integrations, and control automations that enhance compliance with frameworks such as HIPAA, FedRAMP, PCI, and SOC 2, while enabling scalability and transparency across our security operations.

The ideal candidate will have a hybrid background in information security compliance and technical automation, with hands-on experience configuring GRC platforms, APIs, and evidence collection pipelines in a SaaS or cloud environment.

Key Responsibilities

• Design and implement automation workflows to support evidence collection, control monitoring, and audit readiness.
• Configure and maintain GRC tooling (e.g., Drata, Vanta, Archer, ServiceNow GRC, or similar) to align with Alteryx's compliance frameworks.
• Integrate GRC tools with internal systems (e.g., Jira, Confluence, AWS, GitLab, Okta, Slack) using APIs or no-code connectors.
• Partner with compliance and security teams to translate regulatory requirements (HIPAA, FedRAMP, SOC 2) into technical configurations and data-driven dashboards.
• Support automation of risk assessments, control testing, and remediation tracking.
• Contribute to the continuous improvement of compliance workflows—reducing manual effort and increasing audit visibility.
• Develop and maintain documentation for GRC tool architecture, integrations, and automation processes.
• Assist with compliance reporting and metric visualization through dashboards and BI tools.
• Collaborate with Engineering, IT, and Cloud Operations to ensure automation efforts are secure, scalable, and compliant.

Qualifications

• Bachelor's degree in Information Security, Computer Science, Engineering, or related field.
• 3–6 years of experience in GRC, compliance engineering, or security automation roles.
• Strong understanding of compliance frameworks (HIPAA, FedRAMP, SOC 2, ISO 27001, NIST
• Hands-on experience with GRC platforms (Drata, Vanta, Archer, ServiceNow GRC, or similar) and workflow automation tools.
• Proficiency with API integrations, JSON/YAML, and basic scripting (Python, PowerShell, or JavaScript preferred).
• Familiarity with cloud environments (AWS, Azure, or GCP) and their native compliance or security tooling.
• Strong problem-solving and system-thinking mindset — able to translate compliance controls into automated solutions.
• Excellent communication and documentation skills, with the ability to interface between technical and compliance teams.

Preferred Qualifications

• Experience developing or extending GRC platform connectors or custom integrations.
• Exposure to FedRAMP Moderate or other U.S. federal compliance programs.
• Familiarity with risk management frameworks and continuous monitoring practices.
• Certifications such as CISA, CCSK, AWS Certified Security, or ISO 27001 Lead Implementer are beneficial.

Why Alteryx

At Alteryx, we're redefining how analytics and automation intersect. As part of the Information Security and Compliance team, you'll help engineer the future of compliance — building systems that make risk management scalable, data-driven, and frictionless across a global SaaS platform.

Find yourself checking a lot of these boxes but doubting whether you should apply? At Alteryx, we support a growth mindset for our associates through all stages of their careers. If you meet some of the requirements and you share our values, we encourage you to apply. As part of our ongoing commitment to a diverse, equitable, and inclusive workplace, we're invested in building teams with a wide variety of backgrounds, identities, and experiences.

This position involves access to software/technology that is subject to U.S. export controls. Any job offer made will be contingent upon the applicant's capacity to serve in compliance with U.S. export controls.