Payabli

GRC Engineer

Posted Yesterday
Remote
Hiring Remotely in USA
Mid level
Operate and improve Payabli's GRC program: maintain Drata, map controls across SOC 2/PCI/ISO/NIST, perform risk and vendor assessments, manage access reviews, support audits, and automate evidence collection and compliance reporting.
The summary above was generated by AI

Payabli is a next-generation Payments Infrastructure and Monetization Platform purpose-built for vertical software companies. Through a single, developer-friendly API with low-code embedded payment components, Payabli enables platforms to seamlessly embed, monetize, and operationalize payments—making payments a core part of their platform and business model.

By unifying payment acceptance, payment issuance, and advanced payment operations tooling, Payabli empowers software companies to manage and move money through a single infrastructure stack that delivers total control over the payments experience. Built to scale with PCI DSS 4.0 and SOC 2-compliant security, Payabli’s infrastructure delivers enterprise-grade reliability and trust while leveraging AI-driven intelligence to enhance visibility, streamline operations, and drive revenue growth.

Backed by leading fintech investors including QED Investors, Fika Ventures, TTV Capital, and Bling Capital, Payabli is setting the standard for embedded payments infrastructure powering the next generation of vertical SaaS.

Role Summary

Payabli is seeking a GRC Engineer to drive our governance, risk, and compliance program by implementing, operating, and continuously improving controls aligned with SOC 2, PCI DSS, ISO, and NIST frameworks. This role partners closely with Security, Engineering, and IT to ensure compliance requirements are operationalized, scalable, and audit-ready in a modern cloud and serverless environment.

Key Responsibilities:
  • Own and maintain the compliance platform (Drata), including control mapping, evidence collection, continuous monitoring, and audit workflows

  • Manage control documentation, policies, procedures, and supporting artifacts across multiple compliance frameworks

  • Perform risk assessments, vendor security reviews, and control gap analyses, and track remediation through to completion

  • Partner with Security, IT, and Engineering teams to ensure technical and administrative controls align with documented policies and compliance requirements

  • Support internal and external audits, including SOC 2, PCI DSS, and customer security reviews

  • Conduct periodic user access reviews and assist with access governance and RBAC validation

  • Develop and maintain compliance reporting, metrics, and executive-ready summaries

  • Identify and implement automation opportunities to streamline evidence collection, access reviews, and policy lifecycle management

Required Qualifications:
  • Hands-on experience operating and maintaining a compliance platform such as Drata or similar

  • Strong understanding of GRC fundamentals, including control design, evidence management, and audit readiness

  • Experience performing user access reviews and supporting identity and access governance processes

  • Working knowledge of security and compliance frameworks such as PCI DSS, SOC 2, ISO 27001 or ISO 42001, and NIST

  • Experience collaborating with technical teams to validate cloud, application, and security controls

  • Strong documentation skills with the ability to translate technical controls into clear compliance narratives

Preferred Qualifications:
  • Experience using Wiz or similar cloud security posture management tools

  • Familiarity with cloud-native and serverless architectures

  • Security certification such as Security+, CISSP, CISM, or similar is a plus

  • Prior experience in fintech, payments, or regulated SaaS environments

Why Payabli
  • Build and shape a modern GRC program in a fast-growing fintech

  • Work closely with security and engineering in a cloud-native environment

  • High ownership role with visibility across the organization

  • Competitive compensation and benefits with a strong remote-first culture

What we can offer you

  • Competitive base

  • Equity package

  • 100% remote (US-based)

  • Medical, dental, and vision

  • 401(k) program (eligible after 3 months)

  • Unlimited PTO

We build technology that gets noticed and a workplace where people want to grow their careers. Our work has been recognized by some of the industry’s most respected organizations, including the 2026 Forbes Fintech 50 list, which highlights the most innovative private companies in financial technology, Inc.’s 2025 Best Workplaces, and Built In’s 2026 Best Places to Work in Miami.

Payabli is an equal opportunity employer and values a diverse, inclusive workplace.


Principals only. No external agency submissions. Candidates must apply directly; we will not accept submissions from third-party recruiters or staffing agencies.

Top Skills

Drata, Wiz, Cloud Native, Serverless, RBAC, Identity and Access Governance, PCI DSS, SOC 2, ISO 27001, ISO 42001, NIST, CSPM


