XBOW · 5 hours ago
Information Security Engineer, GRC
XBOW is redefining the future of cybersecurity with their innovative AI-powered autonomous pentester. The Governance, Risk & Compliance Analyst will support customer security reviews, assess vendor risk, and enhance risk management processes while collaborating with various teams to ensure compliance with security standards.
Computer · Network Security
Responsibilities
Support customers and prospects by completing technical security questionnaires, risk assessments, and due-diligence requests
Partner with Sales and Customer teams to explain XBOW’s security controls, architecture, and compliance posture
Assess and manage third-party and vendor security risk, including reviews of SaaS providers and service partners
Help maintain and improve risk assessment frameworks, methodologies, and documentation
Track and support remediation of identified risks in collaboration with internal stakeholders
Contribute to compliance initiatives aligned with frameworks such as SOC 2 and ISO 27001
Maintain clear, well-structured risk registers, policies, and supporting evidence
Coordinate risk management sessions and processes
Identify opportunities to streamline and automate risk and compliance processes as the company scales
Support audits, customer reviews, and internal assurance activities as needed
Qualifications
Required
3–5+ years of experience in risk, compliance, security assurance, or related roles
Hands-on experience completing or reviewing technical security questionnaires and customer risk assessments
Familiarity and experience with common security and compliance frameworks (e.g. SOC 2, ISO 27001, NIST, FedRAMP)
Comfortable assessing technical controls and working with engineers to understand system architecture
Experience conducting or supporting vendor / third-party risk assessments
Strong written communication skills, with the ability to explain complex security concepts clearly
Highly organized and detail-oriented, with a pragmatic approach to risk
Comfortable working in a fast-moving, remote-first startup environment
Preferred
Experience working in a SaaS or security-focused company
Security or risk certifications (e.g. CRISC, SOC2, ISO 27001 Lead Implementer, FedRAMP)
Experience supporting a company through audit readiness or first-time compliance efforts
Benefits
Competitive salary and meaningful stock options.
Opportunity to learn from and collaborate with top security and AI experts
Work on complex technical challenges that support the foundation of our company
Remote-First: Work from anywhere, with regular opportunities to meet in person
Company
XBOW
XBOW operates autonomously, carrying out commands and analyzing the results to achieve higher-level objectives.
H1B Sponsorship
XBOW has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by the US Department of Labor)
Trends of Total Sponsorships: 2025 (1)
Funding
Current Stage: Growth Stage
Total Funding: $117M
Key Investors: Altimeter Capital, Sequoia Capital
2025-06-24 · Series B · $75M
2025-01-01 · Series A · $22M
2024-07-16 · Seed · $20M
Company data provided by Crunchbase