GRC Engineer

GRC Engineer

Why Zania

Every enterprise spends millions of dollars on Governance, Risk, and Compliance (GRC). It's one of the most critical, yet universally painful, parts of running a business. For decades, this industry has been dominated by legacy systems with notoriously low NPS scores, making it totally ripe for disruption.

Zania is building agentic AI for Governance, Risk, and Compliance (GRC) to solve this massive problem. We are on a rocketship trajectory, creating intelligent agents that automate and augment the most complex risk and compliance workflows. We have found exceptional product-market fit and are scaling our team very quickly. Some reasons to join Zania are:

• Dream Customers: Our customers are the most notable enterprises in the world, including FAANG, Big 4 firms and a portfolio of top customers.

• Tier 1 Backing: Funded by a leading Tier 1 venture capital fund — Series A led by NEA, with Anthropic and Menlo Ventures. $18M raised to build a generational company.

• World-Class Team: Zania is hiring the best. Our team includes AI and Security leaders from Airbnb, Microsoft, Bain & Company, Deloitte, PwC, Brex, and Instacart.

• Pioneering Technology: Our engineers and GRC experts work at the absolute forefront of applied AI, building the next generation of agentic systems that will define the future of compliance.

• Hyper-Growth: We have seen 10x ARR growth in the last year and are rapidly expanding.

• Competitive Compensation & Equity.

The Role

As a GRC Engineer at Zania, you are the bridge between our product and the enterprises that depend on it. You are not a support function — you are a compliance authority and a closer. You own the customer relationship from first implementation through a defined, measurable finish line, and you are accountable for getting them there.

You will set clear success goals with every customer on day one, work backwards from those goals to drive the engagement, and know exactly when you’ve landed the outcome you both committed to. Once a customer is live and successful, you transition them to a steady state and move your energy to the next challenge. You don’t let engagements drift — you drive them to done.

In parallel, everything you learn in the field comes back into the product. Your pattern recognition across customer implementations will directly shape Zania’s roadmap.

What You’ll Do

• Set the success contract upfront. In every new engagement, establish explicit, measurable goals with the customer before work begins — and align the entire implementation plan to hitting those milestones. No ambiguity about what “done” looks like.

• Own implementations end-to-end and close them. Lead onboarding and deployment for enterprise customers from scoping and configuration through to a defined, celebrated go-live. You drive the engagement to closure — you don’t let it become an open-ended managed service.

• Be the GRC expert in the room. Serve as the primary compliance authority in all customer conversations. When a CISO or VP of Risk asks a hard question about how Zania maps to their control framework, you answer it — with precision and credibility.

• Transition to steady state and monitor. Once a customer has hit their success goals, transition them to a lightweight monitoring cadence. Check in, track outcomes, flag risks early — but protect your bandwidth for the next implementation.

• Drive product feedback. Synthesize what you hear across implementations into structured, prioritized product insights. Bring them directly to our product and engineering teams. Your input will shape the roadmap.

• Build the implementation playbook. As an early team member, define how Zania implementations work at scale — the processes, templates, success metrics, and handoff criteria the team will run on as we grow.

• Support pre-sales. Partner with the sales team on technical discovery and proof-of-concept engagements for strategic prospects, helping close deals by demonstrating deep GRC credibility.

Representative Projects

• Kick off a new enterprise implementation by running a structured goal-setting session with the customer’s CISO and GRC lead — defining three measurable success outcomes and a 60-day plan to achieve them.

• Lead the end-to-end deployment of Zania for a Fortune 500 financial services firm, drive the engagement to a signed-off go-live, and formally close the implementation against the goals you set on day one.

• Design a steady-state monitoring framework for post-implementation customers — a lightweight quarterly check-in cadence with clear escalation criteria — so successful customers stay successful without requiring ongoing heavy investment.

• Compile and present a quarterly product feedback report to the Head of Product, distilling patterns from 20+ customer engagements into a prioritized list of platform gaps and feature requests.

What You Have

• 3–8 years of experience spanning GRC, information security compliance, risk management, audit, or customer success in an enterprise technology context.

• Framework fluency. Deep working knowledge of at least two major compliance frameworks (SOC 2, ISO 27001, NIST CSF, FedRAMP, HIPAA, PCI-DSS, or similar). You’ve lived inside these frameworks, not just read about them.

• A closer’s instinct. You define success before you start, drive engagements toward it with urgency, and know how to bring a customer to a clear finish line rather than letting things drift into indefinite managed services.

• Customer-facing experience. You are comfortable owning relationships with senior security and risk stakeholders — presenting, advising, pushing back when needed — with confidence and credibility.

• Outcome orientation. You measure your own success the same way you measure your customers’: against specific, agreed-upon goals. Vague progress doesn’t satisfy you.

• Product instinct. You pay attention to friction. When something doesn’t work for a customer, you don’t just fix it in the moment — you document it and make sure the product team hears about it.

• Strong communication. You can run a technical workshop with a customer’s GRC team in the morning and write a clear, structured product brief in the afternoon. Both matter equally in this role.

Minimum Qualifications

• Minimum Qualifications

• Bachelor’s degree in Information Security, Business, Risk Management, or a related field, or equivalent practical experience

• 3–8 years of experience in GRC, information security compliance, risk management, audit, enterprise technology customer success, or a customer success manager role — ideally in a SaaS or technical product environment

• Working knowledge of at least two major compliance frameworks (e.g., SOC 2, ISO 27001, NIST CSF, FedRAMP, HIPAA, or PCI-DSS), with direct experience applying them professionally

• Demonstrated ability to project manage complex, multi-stakeholder enterprise engagements — setting the agenda, holding customers accountable to timelines, and driving to a clear finish line with authority

• Strong written and verbal communication skills — you will be the primary GRC authority in conversations with CISOs and senior risk leaders, and must command the room, align stakeholders, and earn trust at the executive level quickly

Compensation & Benefits

• Competitive salary + significant equity

• Flexible PTO

• Medical, dental, and vision insurance

• Meals and snacks in the office

• Relocation and immigration support

Zania is an equal opportunity employer and does not discriminate on the basis of race, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition, or any other basis protected by law.