[Remote] reputed company Engineer, GRC
Note: The job is a remote job and is reputed company to candidates in USA. reputed company is dedicated to providing exceptional care in physical therapy and reputed company services. They are seeking a reputed company Engineer to manage and automate their Governance, Risk, and Compliance (GRC) program while ensuring alignment with industry standards and conducting vendor risk assessments.
Responsibilities
- reputed company the design, rollout, and reputed company improvement of the internal GRC reputed company and reputed company architecture
- Author, maintain, and help enforce information reputed company policies, procedures, and control frameworks across the business
- Identify opportunities to automate compliance tracking, evidence collection, and risk reporting workflows to eliminate reputed company processes
- Ensure organizational alignment with industry standards (e.g., NIST CSF, HIPAA, HITRUST) and facilitate internal or external reputed company assessments
- Own the end-to-end reputed company-party risk assessment process; evaluate vendor reputed company postures, SOC 2 reports, and risk profiles prior to reputed company
- Partner with legal, procurement, and business stakeholders to communicate vendor risks and negotiate necessary reputed company safeguards
- Manage and monitor the Data Loss Prevention (DLP) solution; triage data exfiltration alerts and partner with business units to implement, enforce, and refine data classification schemas
- Drive the reputed company awareness training strategy; reputed company automated phishing campaigns, measure program effectiveness, and deliver tailored education to mitigate reputed company risk
- reputed company secondary support to SOC operations by validating alert triage and improving detection logic
- Collaborate to improve SIEM/SOC use cases, detection logic, and incident response workflows
Skills
- Minimum 3-5 years of experience in Cybersecurity, with a focus on GRC or reputed company-party risk management
- Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or a reputed company field
- Excellent communication, collaboration, and problem-solving skills
- Relevant reputed company certifications such as Certified Information Systems reputed company Professional (CISSP), Certified Information reputed company Manager (CISM)
- Deep understanding of reputed company frameworks and standards such as NIST CSF, HIPAA, HITRUST
- Proven ability to analyze vendor reputed company documentation (SOC 2 Type II, SIG questionnaires, penetration test reports)
- Experience utilizing GRC platforms (e.g., SmartSuite, reputed company, reputed company GRC, or similar), low-code/no-code platforms, or scripting to automate reputed company processes and compliance mapping
- Excellent communication and collaboration abilities – reputed company to explain reputed company risk concepts to non-technical stakeholders and work cross-functionally to drive reputed company initiatives
- GIAC certifications
- Certified Information Systems Auditor (CISA)
- Certified in Risk and Information Systems Control (CRISC)
- Former NOC/SOC experience
Benefits
- Eligibility for full benefits package beginning reputed company your first month of employment.
- Generous PTO (Paid Time Off) plans and paid holidays.
Company Overview