
1001 - 5000 employees
Founded 2005
☁️ SaaS
⚡ Productivity
🤝 B2B
SaaS • Productivity • B2B
Smartsheet is a platform designed to manage projects, automate workflows, and build solutions at scale. It offers a wide range of features including automation, team collaboration, dashboards and reporting, and integrations, allowing businesses to streamline their operations. The platform caters to diverse use cases such as project management, IT portfolio management, marketing management, and more, serving various industries including government, finance, and healthcare. Smartsheet also emphasizes security and data protection, ensuring users' data privacy. Additionally, it offers professional services like consulting, training, and implementation support to maximize the platform's capabilities.
🔥 12 hours ago
☕ Washington – Remote
💵 $205k - $275k / year
⏰ Full Time
🟠 Senior
👮♂️ Cybersecurity / Security Engineer
🦅 H1B Visa Sponsor
Improve your chances of getting an interview by checking your resume score before you apply.

1001 - 5000 employees
Founded 2005
☁️ SaaS
⚡ Productivity
🤝 B2B
SaaS • Productivity • B2B
Smartsheet is a platform designed to manage projects, automate workflows, and build solutions at scale. It offers a wide range of features including automation, team collaboration, dashboards and reporting, and integrations, allowing businesses to streamline their operations. The platform caters to diverse use cases such as project management, IT portfolio management, marketing management, and more, serving various industries including government, finance, and healthcare. Smartsheet also emphasizes security and data protection, ensuring users' data privacy. Additionally, it offers professional services like consulting, training, and implementation support to maximize the platform's capabilities.
• Own the end-to-end GRC strategy and roadmap: Lead the planning and prioritization of GRC initiatives that drive compliance maturity, reduce audit risk, and improve operational efficiency. • Design and implement policy-as-code systems: Translate compliance frameworks (SOC 2, ISO 27001, FedRAMP, HIPAA) into enforceable code, leveraging Infrastructure-as-Code (Terraform, CloudFormation) and automated compliance validation. • Build custom control frameworks: Design Smartsheet-specific Unified Control Frameworks (UCF) and Secure Control Frameworks (SCF) that map to our cloud architecture, multi-framework requirements, and organizational risk appetite. • Lead full audit cycles: Manage preparation, execution, and resolution for SOC 2 Type II, ISO 27001, FedRAMP, and other certification audits. Own evidence gathering, audit readiness tracking, and post-audit remediation. • Architect GRC platform strategy: Evaluate, select, configure, and integrate GRC tooling (Vanta, Drata, or similar) with our cloud infrastructure, identity systems, ticketing systems, and CI/CD pipelines to enable continuous compliance monitoring. • Design automated evidence collection and validation: Build data pipelines and integrations that automatically collect compliance evidence from AWS, application logs, identity systems, and operational tools; validate accuracy and reduce manual verification. • Translate compliance requirements into technical implementations: Work with engineering and security teams to express policies and regulatory requirements in a way they can execute and monitor—breaking down silos between compliance and technical teams. • Establish risk management and governance processes: Design and operate risk registers, control effectiveness assessments, continuous monitoring workflows, and escalation processes that provide leadership with real-time visibility into compliance posture. • Build and lead the GRC team: Mentor and develop your team, establish technical and operational practices, define the playbooks for compliance execution, and create a culture of continuous improvement.
• 10+ years of experience in GRC, compliance, security engineering, or related roles, with 5+ years in a technical or leadership capacity managing compliance programs at scale. • A degree in Computer Science, Computer Engineering, Cybersecurity or a related field or equivalent practical experience. • Deep hands-on expertise in running full audit cycles across multiple frameworks, particularly SOC 2 Type II, ISO 27001, and FedRAMP. You've managed evidence preparation, control testing, audit remediation, and continuous monitoring. • Strong technical foundation in cloud architecture and compliance: Working knowledge of AWS/GCP/Azure, infrastructure-as-code (Terraform), CI/CD pipelines, identity and access management, encryption, and logging—sufficient to design control implementations and validate technical posture. • Hands-on experience with GRC platform administration and customization (Vanta, Drata, ServiceNow GRC, or equivalent), including integration design and workflow automation. • Proficiency in policy-as-code and compliance-as-code principles: Experience implementing automated controls, policy enforcement, and continuous compliance validation through code and configuration. • Fluency in multiple compliance frameworks: Deep knowledge of SOC 2 Trust Service Criteria, ISO 27001 control objectives, NIST 800-53 (or 800-171 for government), and experience with HIPAA, GDPR, and industry-specific frameworks. • Scripting and automation skills: Comfortable with Python, Bash, or similar for building integrations, data pipelines, and automated control validation. • Excellent communication and program management: Ability to distill complex compliance concepts for both technical and business audiences, manage multi-workstream programs, and drive alignment across teams. • Some federal/government sector experience is valuable but not required: Understanding of FedRAMP processes, government compliance nuances, and federal contractor requirements is a plus. • US Person Status: Must be a U.S. Citizen, U.S. National to meet federal compliance requirements.
• Employer subsidized medical/vision and dental coverage for full-time employees • 401k Match to help you save for your future (50% of your contribution up to the first 6% of your eligible pay) • Monthly stipend to support your work and productivity • Flexible Time Away Program, plus Sick Time Off • US employees are automatically covered under Smartsheet-sponsored life insurance, short-term, and long-term disability plans • US employees receive 12 paid holidays per year • Up to 24 weeks of Parental Leave • Personal paid Volunteer Day to support our community • Opportunities for professional growth and development including access to Udemy online courses • Company Funded Perks, including a counseling membership, local retail discounts, and your own personal Smartsheet account • Teleworking options from any registered location in the U.S. (role specific)
Apply Now🔥 12 hours ago
Information Systems Security Officer enhancing security and compliance for Federal cloud environments. Managing security controls, incident response, and GRC automation in a highly regulated environment.
🇺🇸 United States – Remote
💵 $125k - $180k / year
⏰ Full Time
🟡 Mid-level
🟠 Senior
👮♂️ Cybersecurity / Security Engineer
🦅 H1B Visa Sponsor
AWS
Cloud
Cyber Security
JavaScript
Python
🔥 20 hours ago
Information System Security Manager focusing on managing cybersecurity posture and implementing security solutions. Join a leading provider of Digital Engineering and Technical Stack support.
Cloud
Cyber Security
🕒 Yesterday
Lead of Information Security at Proscia, responsible for security of AI-driven digital pathology solutions. Manage vulnerability management and governance in compliance with regulatory frameworks.
🇺🇸 United States – Remote
⏰ Full Time
🟠 Senior
👮♂️ Cybersecurity / Security Engineer
🦅 H1B Visa Sponsor
AWS
Cloud
🕒 Yesterday
Cybersecurity Engineer developing innovative solutions for client delivery at Phoenix Cyber. Responsibilities include automation implementation and collaboration with SMEs and vendors.
AWS
Azure
Cloud
Cyber Security
Docker
ElasticSearch
JavaScript
Kafka
Kubernetes
Linux
Logstash
Node.js
Python
Splunk
🕒 Yesterday
IS Security Engineer III managing corporate security. Focused on designing and developing solutions to support business strategies at CareOregon.
🇺🇸 United States – Remote
💵 $113.9k - $139.3k / year
⏰ Full Time
🟡 Mid-level
🟠 Senior
👮♂️ Cybersecurity / Security Engineer
🦅 H1B Visa Sponsor
Firewalls
Python