GRC Engineer

💰 $116k-$145k
🇺🇸 United States - Remote
🔒 Cybersecurity 🔵 Mid-level

Job description

ABOUT FANDUEL

FanDuel Group is the premier mobile gaming company in the United States and Canada. FanDuel Group consists of a portfolio of leading brands across mobile wagering including: America’s #1 Sportsbook, FanDuel Sportsbook; its leading iGaming platform, FanDuel Casino; the industry’s unquestioned leader in horse racing and advance-deposit wagering, FanDuel Racing; and its daily fantasy sports product.

In addition, FanDuel Group operates FanDuel TV, its broadly distributed linear cable television network and FanDuel TV+, its leading direct-to-consumer OTT platform. FanDuel Group has a presence across all 50 states, Canada, and Puerto Rico.

The company is based in New York with US offices in Los Angeles, Atlanta, and Jersey City, as well as global offices in Canada and Scotland. The company’s affiliates have offices worldwide, including in Ireland, Portugal, Romania, and Australia.

FanDuel Group is a subsidiary of Flutter Entertainment, the world’s largest sports betting and gaming operator with a portfolio of globally recognized brands and traded on the New York Stock Exchange (NYSE: FLUT).

THE POSITION

Our roster has an opening with your name on it

FanDuel is seeking a GRC Engineer to bring technical excellence to our Governance, Risk, and Compliance initiatives. You’ll focus on engineering solutions, automation, and integrations that support programs in Third-Party Risk Management (TPRM), Identity Governance & Administration (IGA), Technology Risk, and Business Continuity/Disaster Recovery (BCDR).

To be successful in this role, you’ll need to be curious, adaptable, and eager to solve complex challenges with code. You should thrive on working across technical domains, collaborating with peers, and finding innovative ways to embed GRC practices into real-world systems. Success means delivering reliable, scalable solutions that strengthen assurance and enable the business to move fast while staying secure.

In addition to the specific responsibilities outlined above, employees may be required to perform other such duties as assigned by the Company. This ensures operational flexibility and allows the Company to meet evolving business needs.

THE GAME PLAN

Everyone on our team has a part to play

  • Engineer automation and integrations that streamline GRC processes and reduce manual effort.
  • Implement solutions across TPRM, IGA, and BCDR, supporting vendor risk assessments, access recertifications, and resilience testing.
  • Build and maintain APIs and integrations between GRC platforms, IAM systems, and enterprise tools.
  • Automate control testing and monitoring to improve consistency, assurance, and speed of response.
  • Collaborate with engineers across technical domains to embed GRC requirements into infrastructure, applications, and cloud services.
  • Contribute to documentation and knowledge sharing for GRC tooling, integrations, and automated workflows.
  • Build and maintain automation using platforms like Tines and perform API integrations for evidence collection, assurance reporting, and user populations.
  • Support and advise engineering teams on “policy as code” approaches (e.g., using Rego/OPA or similar frameworks) to embed controls directly into engineering workflows, ensuring compliance and risk requirements are enforced at scale.
  • Stay current on evolving regulations and technologies, applying them to engineer sustainable solutions.
  • Support other critical GRC initiatives as assigned or needed, ensuring flexibility and responsiveness to business priorities.

THE STATS

What we’re looking for in our next teammate

  • 5–7+ years of experience in Security Engineering or a Technical GRC function (candidates with strong technical ability and fewer years will be considered).
  • Strong coding/scripting skills (Python, JavaScript, PowerShell, SQL) and ability to integrate systems using APIs.
  • Experience building automation or integrations in enterprise environments.
  • Familiarity with GRC domains such as TPRM, IGA, and BCDR and associated toolsets, e.g., OneTrust, Zilla, Riskonnect, Anecdotes, or similar.
  • Knowledge of regulatory frameworks and control domains (SOX, SOC 2, PCI, GDPR, NIST CSF, ISO 27001).
  • Familiarity with AWS infrastructure and integration patterns.
  • Experience with automation and orchestration tools (e.g., Tines) and API integrations for evidence collection and monitoring is strongly preferred.
  • Experience with policy as code frameworks (e.g., Rego/OPA, CloudFormation Guard, Terraform Sentinel) a plus.
  • Strong collaboration and communication skills — able to work across functions and explain technical concepts clearly.
  • Innovative and adaptable mindset – comfortable learning quickly, adjusting to evolving regulations and technologies, and seeking out innovative approaches.
  • Pragmatic approach – focused on balancing compliance rigor with engineering realities in a fast-moving environment.
  • Preferred Certifications: CISA, CISSP, or CISM.

PLAYER BENEFITS

We treat our team right

We offer amazing benefits above and beyond the basics. We have an array of health plans to choose from (some as low as $0 per paycheck) that include programs for fertility and family planning, mental health support, and fitness benefits. We offer generous paid time off (PTO & sick leave), annual bonus and long-term incentive opportunities (based on performance), 401k with up to a 5% match, commuter benefits, pet insurance, and more - check out all our benefits here: FanDuel Total Rewards. *Benefits differ across location, role, and level.

FanDuel is an equal opportunities employer and we believe, as one of our principles states, “We are One Team!”. As such, we are committed to equal employment opportunity regardless of race, color, ethnicity, ancestry, religion, creed, sex, national origin, sexual orientation, age, citizenship status, marital status, disability, gender identity, gender expression, veteran status, or any other characteristic protected by state, local or federal law. We believe FanDuel is strongest and best able to compete if all employees feel valued, respected, and included.

The applicable salary range for this position is $116,000 - $145,000 USD, which is dependent on a variety of factors including relevant experience, location, business needs and market demand. This role may offer the following benefits: medical, vision, and dental insurance; life insurance; disability insurance; a 401(k) matching program; among other employee benefits. This role may also be eligible for short-term or long-term incentive compensation, including, but not limited to, cash bonuses and stock program participation. This role includes paid personal time off and 14 paid company holidays. FanDuel offers paid sick time in accordance with all applicable state and federal laws.

FanDuel is committed to providing reasonable accommodations for qualified individuals with disabilities. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please [email protected].

It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
