Senior Security Engineer - GRC
About IonQ
IonQ, Inc. NYSE: IONQ is the world’s leading quantum platform and merchant supplier - delivering integrated quantum solutions across computing, networking, sensing, and security. IonQ’s newest generation of quantum computers, the IonQ Tempo, is the latest in a line of cutting-edge systems that have been helping customers and partners including Amazon Web Services, and AstraZeneca achieve 20x performance results and accelerate innovation in drug discovery, materials science, financial modeling, logistics, cybersecurity, and defense. In 2025, the company achieved 99.99% two-qubit gate fidelity, setting a world record in quantum computing performance.
Location and Travel
This position can work onsite or hybrid from one of our offices (College Park, MD, Bothell, WA) or fully remote in the US. Minimal travel is required, less than 10%.
Job ID and Role
Job ID: 1455 The Role: Quantum computing and security are intimately connected. One day, quantum computers will render RSA trivially crackable; today, protecting our cutting-edge research is essential. As a Security Engineer focused on GRC, you’ll help drive our implementation of security audit programs and risk management frameworks. This is an opportunity to bring your diverse background into the future of computing. We’d love a blend of hands-on experience as well as tactical and strategic direction.
Responsibilities
- Implement and manage the NIST Risk Management Framework (RMF) to achieve and maintain compliance, mapping controls from standards like SOC 2, PCI, NIST 800-53, NIST 800-171, and CMMC.
- Drive the data privacy program by conducting Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs) and managing day-to-day operations like Data Subject Access Requests (DSARs).
- Design and execute a continuous internal audit program to validate the effectiveness of our security controls.
In the first three months, you’ll be helping to ensure that our environments meet audit standards through iterative review and automation so that we can meet advanced requirements in security standards.