Senior Security Engineer Governance, Risk & Compliance (GRC)

ASSYSTAustin, TX
23hHybrid
Match Resume

About The Position

ASSYST is seeking a Senior Security Engineer Governance, Risk & Compliance (GRC) to support our customer project in Austin, TX. The Security Engineer will project work by leading security governance, compliance, and risk management activities, with a strong focus on System Security & Privacy Plans (SSP/SSPP). This role bridges technical security operations and regulatory compliance, ensuring audit readiness, effective vulnerability remediation, and secure delivery of public-facing services across complex, multi-platform environments.

Requirements

  • Deep focus on: Governance, Risk, and Compliance (GRC), Enterprise Security and Security Architecture, Vulnerability Management and Penetration Testing , Cloud Security and hybrid environments
  • Proven experience owning SSP development end to end
  • Hands on experience with CMS MARS E v2.2 or comparable federal/state security frameworks
  • Strong expertise in: Control implementation documentation, Audit evidence collection and validation, POA&M creation, tracking, and remediation management
  • Ability to translate technical security issues into compliance aligned remediation actions
  • Strong stakeholder management skills across security, infrastructure, and application teams
  • Excellent written and verbal communication skills, particularly for executive stakeholders
  • Knowledge of NIST 800 53, NIST RMF, and privacy controls
  • Knowledge of Secure SDLC and DevSecOps practices

Nice To Haves

  • Experience operating in multi-vendor, multi-platform environments
  • Demonstrated ability to reduce repeat audit findings and improve compliance maturity
  • Experience mentoring or guiding teams on security governance best practices
  • Experience supporting HHSC systems, including SSP development and compliance

Responsibilities

  • Lead end to end System Security & Privacy Plan (SSP/SSPP) development, maintenance, and updates for enterprise systems
  • Drive remediation activities through POA&M management, ensuring timely closure of compliance gaps
  • Translate penetration testing and vulnerability findings into actionable remediation work items (EPICs/user stories)
  • Coordinate with application, infrastructure, and security teams to validate remediation through re-testing and evidence
  • Oversee risk-based vulnerability management, including prioritization and SLA-driven remediation
  • Provide governance oversight for endpoint protection, web application security, and cloud security controls
  • Produce assessor ready documentation, including configurations, monitoring evidence, approvals, and incident traceability
  • Support continuous audit readiness and reduce repeat findings through disciplined governance and documentation practices

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Senior

Education Level

No Education Listed

Job Search Resources

Similar Senior Security Engineer Governance, Risk & Compliance (GRC) job opportunities

Manager, Governance, Risk & Compliance (GRC)
Aya Healthcare
Aya Healthcare • San Diego, CA8d
Manager, Governance, Risk & Compliance (GRC)
Aya Healthcare
Aya Healthcare • San Diego, CA8d • $140,000 - $165,000
Governance, Risk & Compliance (GRC) Lead
Fireworks AI
Fireworks AI • San Mateo, CA13d
🔥 New JobSenior Governance, Risk, and Compliance (GRC) Analyst
Colorado Public Employees' Retirement Association
Colorado Public Employees' Retirement Association • Denver, CO22h • $90,500 - $111,500 • Hybrid
GRC Lead (Governance, Risk, and Compliance)
Replit
Replit • Foster City, CA8d • Onsite
Systems Manager-Governance, Risk, & Compliance (GRC)
ConEdison
ConEdison • New York, NY7d
Explore More Jobs

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service