Cybersecurity GRC Engineer

About The Position

Requirements

• Bachelor’s Degree in Cybersecurity, Information Technology, Risk Management, or related field required
• 3+ years of experience in cybersecurity, risk, compliance, or audit roles required
• Experience supporting audits, risk assessments, and compliance activities required
• Experience collaborating across IT and business teams required
• Working knowledge of NIST CSF, ISO 27001, and CIS frameworks
• Strong analytical, documentation, and organizational skills
• Ability to communicate technical concepts to non-technical stakeholders

Nice To Haves

• Relevant certifications such as Security+, CISA, CRISC, or similar preferred
• Familiarity with GRC tools such as ServiceNow GRC, Archer, Drata, Vanta, or similar preferred

Responsibilities

• Perform cybersecurity risk assessments for systems, applications, and business processes
• Support third-party/vendor risk assessments and due diligence reviews
• Identify control gaps, document risks, and assist in developing remediation plans
• Maintain and update the enterprise risk register, including risk scoring and tracking
• Partner with control owners to validate mitigation efforts and risk status
• Support internal and external audits by coordinating evidence collection and responses
• Track audit findings, remediation activities, and validate closure
• Assist with security questionnaires, RFP responses, and due diligence requests
• Help ensure compliance with regulatory and contractual requirements
• Maintain and update cybersecurity policies, standards, and procedures
• Support mapping of controls to frameworks such as NIST CSF, ISO 27001, and CIS
• Assist in the development and maintenance of a unified control framework
• Support control testing activities and documentation of effectiveness
• Develop and maintain GRC metrics, dashboards, and reporting artifacts
• Track key risk indicators (KRIs), audit trends, and remediation progress
• Prepare reports and summaries for leadership and stakeholders
• Maintain organized documentation and evidence repositories
• Partner with cross-functional teams to drive risk awareness and remediation efforts
• Support process improvements to enhance GRC efficiency and scalability
• Assist in implementing and optimizing GRC tools and automation
• Stay current on cybersecurity risks and compliance requirements
• Performs other duties as assigned.

Benefits

• Health coverage (3 medical options, dental and vision)
• 401(k) Retirement Plan w/company match
• Health Savings Accounts w/company match
• FREE virtual primary care, acute care and physical therapy
• FREE Employee Assistance Program
• Company paid (vacation, holidays, sick time, bereavement, jury duty, maternity/parental, disability leave and volunteer time)
• Discounted & free product
• Tuition reimbursement
• Opportunities for career advancement