Senior GRC Engineer

Lantern, a specialty care platform connecting members with top specialists and trusted by the nation's largest employers, is seeking a Senior GRC Engineer to join its GRC team as a key individual contributor. The role is built for someone who builds compliance infrastructure rather than just managing it, reporting to the Sr. GRC Manager and working at the intersection of security engineering, AI governance, and healthcare compliance. It is hybrid, requiring at least 3 days/week in Lantern's Dallas, TX offices.

Responsibilities span compliance automation and evidence engineering (writing Python/SQL/API scripts to pull evidence from AWS, Azure, IAM platforms, endpoint agents, and CI/CD pipelines; building continuous control monitoring; and compliance-as-code/policy-as-code approaches) and operating the GRC platform (ServiceNow GRC, Drata, OneTrust, or equivalent) as an engineer building integrations.

The AI governance portion includes building and maintaining Lantern's AI risk register and AI systems inventory, implementing AI governance controls aligned to the NIST AI RMF (model risk, bias, transparency, accountability), and monitoring HHS AI policy, the EU AI Act, and state-level regulation. The role also owns the HIPAA Privacy and Security program and supports HITRUST CSF and SOC 2 Type II audits.

Qualifications

• Strong scripting/automation skills (Python, SQL, APIs) to eliminate manual evidence collection
• Experience building continuous control monitoring and compliance-as-code/policy-as-code approaches
• Hands-on experience operating GRC platforms (ServiceNow GRC, Drata, OneTrust, or equivalent) as an engineer
• Experience implementing AI governance controls aligned to the NIST AI RMF
• HIPAA Privacy and Security program experience; familiarity with HITRUST CSF and SOC 2 Type II