
Brex
Senior
Senior GRC Lead at Brex — turning compliance frameworks into automated controls
Brex is hiring a Senior GRC Lead to sit at the intersection of security, engineering, and compliance, automating SOC 2/PCI DSS/ISO 27001 controls and building integrations between security tools and GRC platforms. This interview probes hands-on Python/API automation skill combined with deep audit and framework knowledge, not just policy-writing.
走进这场面试
免费 · 一场按这个岗位校准的真语音模拟
这场面试考什么
- Automating security/compliance controls (Python + APIs) rather than manual evidence collection
- Working knowledge of SOC 2, PCI DSS, ISO 27001, NIST CSF in cloud-native environments
- Building integrations between security tools and GRC platforms
- Designing continuous monitoring and automated control testing
- Cross-functional translation of compliance requirements into engineering specs
- AI governance frameworks (ISO 42001, NIST AI RMF, EU AI Act) awareness
常见提问方向
Walk me through a manual compliance process you automated — what was the before/after
How would you design a continuous control-monitoring system for a cloud-native SOC 2 program
Tell me about a time you had to translate a regulatory requirement into a technical spec for engineers
How do you prioritize across simultaneous audits (SOC 2, PCI DSS, SOX/ITGC) with limited engineering bandwidth
Describe an integration you built between a security tool and a GRC/compliance platform
How would you approach securing or governing an agentic AI system under emerging frameworks
相关面试

Brex
Mid
Software Engineer II, Backend

Brex
Senior
Senior Software Engineer, Backend (Product Engineering)

Brex
Senior
Senior Software Engineer, Release Infra

Affirm
Senior
Analytics Lead, Full Stack (Credit Analytics)

Coinbase
Staff
Staff Software Engineer (Tech Lead), Backend - Platform (Overseer)

Affirm
Manager