GRC Engineer joining the security team to strengthen governance, risk, and compliance programs, collaborating with technical security engineers to protect customer data.
Responsibilities
Own compliance programs including ISO 27001 and SOC 2, coordinating audits, managing evidence collection, and maintaining certifications
Implement and manage a GRC automation platform (Drata, Vanta, or similar) to streamline compliance workflows and continuous monitoring
Develop and refine security policies and procedures that meet regulatory requirements while remaining practical for engineering teams
Assess risks across production, non-production, and QA environments, prioritizing security initiatives based on business impact and compliance obligations
Bridge technical and business stakeholders by translating security requirements into language appropriate for different audiences
Manage vendor security assessments and third-party risk reviews in partnership with procurement and legal teams
Develop metrics and reporting that give leadership visibility into compliance status and risk landscape
Requirements
Strong hands-on experience with AWS environments and cloud security controls (EC2, IAM, CloudTrail, Config, Security Hub, etc.)
Scripting skills in Python, Bash, or similar languages to automate compliance tasks and evidence collection
Proven experience implementing and managing GRC automation tools such as Drata, Vanta, or similar platforms
Understanding of compliance frameworks like ISO 27001, SOC 2, GDPR, and CCPA (formal audit experience not required)
Comfort reading technical documentation and collaborating with engineering teams
Strong project management skills with the ability to manage multiple compliance initiatives simultaneously
Clear communication skills for both technical and non-technical audiences
Technical background preferred over traditional audit experience
Certifications like AWS Security Specialty, CRISC, CISA, or CISSP a plus