Job Overview:
Dynasty Financial Partners is seeking an experienced and technically hands-on Data GRC Engineer to join our Information Technology team. In this role, you will help design and execute enterprise-wide data controls, AI governance initiatives, and compliance infrastructure. You will configure and manage DLP policies, build data classification and sensitivity labeling frameworks, and engineer detection and remediation pathways for AI control failures. In parallel, you will run our SOC 2 Type II internal evidence-gathering process and manage continuous vendor monitoring, ensuring the organization maintains a strong security and compliance posture. This role operates within our Microsoft-centric technology environment and requires hands-on familiarity with the Microsoft ecosystem.
Job Duties:
Help with the design, implementation, and continuous improvement of the enterprise data and AI governance framework, including policies, standards, operating procedures, and controls aligned with standard frameworks.
Help build and maintain a master inventory of critical data elements, data owners, authoritative sources, and data lineage across the organization to determine how it flows through systems, products, and AI models.
Help build and maintain a Data Loss Prevention program that incorporates AI data.
Help design a feedback system for AI systems to roll into the vulnerability management process.
Consume CASB data to manage proper responses and policies.
Collaborate with cross-functional stakeholders (Engineering, Product, Finance, Operations, etc.) to investigate root causes of any control failure and prevent recurrence
Establish and report on data governance KPIs, quality scorecards, and maturity metrics to tech leadership
Champion data stewardship across business units by training data owners on governance responsibilities and best practices
Security, Compliance & Third Party Management
Manage the internal SOC 2 Type II evidence-gathering process end-to-end: coordinate with control owners, collect and organize audit evidence, track remediation items, and liaise with external auditors
Develop and maintain data security policies and procedures aligned with SOC 2 Trust Services Criteria and organizational risk tolerance
Own the continuous monitoring program for third-party vendors, including periodic risk assessments, security questionnaire reviews, and contract compliance verification
Partner with PMO, Infrastructure/Cyber, and vendor management to evaluate new vendors and ensure data protection obligations are clearly defined in agreements
Monitor regulatory developments and emerging compliance requirements that affect data handling, privacy, and security practices; recommend and implement necessary changes
Maintain a compliance calendar to ensure all cyclical audit, assessment, and reporting obligations are met on time
Microsoft Ecosystem & Tooling
Leverage Microsoft technology stack to support governance and compliance objectives, including but not limited to:
Microsoft Purview for data cataloging, classification, lineage, and sensitivity labeling
Microsoft 365 Compliance Center for data loss prevention (DLP), retention policies, and information protection
Microsoft Cloud Application Security
Entra ID for access governance and identity management
Power BI for data quality dashboards and governance reporting
SharePoint / Teams for policy documentation, collaboration, and evidence management workflows
Experience with data lakes is a plus
Collaboration & Projects
Partner with external auditors, MSPs, and software providers to resolve compliance gaps and implement solutions
Collaborate with internal departments on cross-functional data governance and security initiatives
Respond promptly to critical data integrity or compliance incidents as needed
Requirements:
Experience & Certifications
4-7+ years of progressive experience in data governance, data management, data quality, or related discipline
2+ years of direct experience with SOC 2 compliance - specifically internal evidence gathering, control documentation, and audit coordination
Experience managing or participating in third-party vendor risk assessment and continuous monitoring programs
Industry certifications such as CDMP, CISA, CRISC, or CISSP are a plus
Technical Skills
Demonstrated ability to manage products from a governance perspective
Strong working knowledge of the Microsoft technology stack (Azure, Microsoft 365, Power BI, Purview, SharePoint)
Proficiency with data governance or cataloging platforms (e.g., Microsoft Purview, Collibra, Informatica, Alation)
SQL proficiency or experience working with data engineering teams
Familiarity with additional compliance frameworks beyond SOC 2 (e.g., ISO 27001, NIST CSF, NIST RMF AI, ISO) is ideal
Experience with GRC tools, audit evidence management platforms, or vendor risk management solutions is a plus
Process & Framework Knowledge
Understanding of data governance frameworks and methodologies
Ability to design, document, and execute process-driven governance and compliance workflows
Familiarity with SOC 2 Trust Services Criteria and control mapping
BENEFITS:
Health Insurance
Dental insurance
Vision insurance
Retirement plan 401(k)
401(k) matching
Paid Time Off
FSA/HSA benefits plans
Disability benefits
Voluntary Life Insurance
Basic Life Insurance
EQUAL EMPLOYMENT OPPORTUNITY:
Dynasty Financial Partners is committed to providing equal employment opportunities and ensuring that all employment-related decisions are made without regard to race, color, sex, age, national origin, religion, physical or mental disability (unrelated to the ability to perform job duties), veteran status, or any other protected status under applicable law.