MATRIX Resources is now “Motion Recruitment” and proud to combine job boards to bring the talent community even more expansive market opportunities.

Information Security GRC Engineer

Arlington, Virginia

Hybrid

Full Time

$128k - $174k

GRC Engineer

The Information Security GRC Engineer IV plays a pivotal role in the security landscape, serving as a significant contributor. This position is instrumental in shaping the security stance, with a primary focus on supervising the creation and implementation of information security policies and technical standards. It also ensures strict compliance with established security requirements. We are seeking a candidate with both the technical expertise and the strategic insight in information security gained from working in complex technical environments.

This company is located in Reston, VA and will be a hybrid model.

What You Will Be Doing:
  • Craft and uphold information security policies, technical standards, and security guidelines.
  • Assess adherence to security controls and requirements.
  • Offer guidance to technical teams on implementing security controls effectively.
  • Assist in both internal and external security evaluations.
  • Create strategies to mitigate risks effectively.
  • Communicate remaining risks to senior management clearly and prepare executive-level reports.
  • Consistently assess current GRC processes to streamline operations, pinpoint areas for enhancement, and offer actionable suggestions for improvement.

Required Skills & Experience:
  • Have in-depth knowledge of cybersecurity and regulatory frameworks, privacy protocols, and industry-standard security practices such as NIST CSF, NIST SP 800-53, CIS Controls, SOC 2, GDPR, among others.
  • Demonstrate expertise in formulating and overseeing enterprise-level information security policies, technical standards, and security guidelines.
  • Possess extensive expertise in conducting security assessments, audits, and managing risks effectively.
  • Be proficient in understanding security controls and interpreting their intent, with the ability to implement them within complex enterprise IT environments.
  • Hold a Bachelor's degree in Computer Science, an equivalent technical field, or possess commensurate work experience.
  • Have over 8 years of comprehensive experience in the field of information security.

Desired Skills & Experience:
  • Knowledgeable in cybersecurity threats and risks.
  • Knowledgeable in continuous monitoring.
  • Industry-recognized certifications, such as CISSP, CGRC, CAP, CISM, CRISC, or CISA are highly desirable.

Applicants must be currently authorized to work in the United States on a full-time basis now and in the future.
This position doesn’t provide sponsorship.

Posted by: Ashton Corbett

Specialization: Cloud Security