
Information Security GRC Engineer

Arlington, Virginia


Full Time

$128k - $174k

GRC Engineer

The Information Security GRC Engineer IV is pivotal in the security landscape, serving as a significant contributor. This position is instrumental in molding the security stance, with a primary focus on supervising the creation and implementation of information security policies and technical standards. Additionally, it ensures strict compliance with established security prerequisites. We are seeking a candidate with both the technical expertise and the strategic insight in information security gained from working in complex technical environments.

This company is located in Reston, VA, and the position will follow a hybrid model.

What You Will Be Doing:
  • Craft and uphold information security policies, technical standards, and security guidelines.
  • Assess adherence to security controls and requirements.
  • Offer guidance to technical teams on implementing security controls effectively.
  • Assist in both internal and external security evaluations.
  • Create strategies to mitigate risks effectively.
  • Communicate remaining risks to senior management clearly and prepare executive-level reports.
  • Consistently assess current GRC processes to streamline operations, pinpoint areas for enhancement, and offer actionable suggestions for improvement.

Required Skills & Experience:
  • Have in-depth knowledge of cybersecurity and regulatory frameworks, privacy protocols, and industry-standard security practices such as NIST CSF, NIST SP 800-53, CIS Controls, SOC 2, GDPR, among others.
  • Demonstrate expertise in formulating and overseeing enterprise-level information security policies, technical standards, and security guidelines.
  • Possess extensive expertise in conducting security assessments, audits, and managing risks effectively.
  • Proficient in comprehending security controls and interpreting their essence, with the ability to implement them within intricate enterprise IT environments.
  • Hold a Bachelor's degree in Computer Science, an equivalent technical field, or possess commensurate work experience.
  • Have over 8 years of comprehensive experience in the field of information security.

Desired Skills & Experience:
  • Knowledgeable in cybersecurity threats and risks.
  • Knowledgeable in continuous monitoring.
  • Industry-recognized certifications, such as CISSP, CGRC, CAP, CISM, CRISC, or CISA, are highly desirable.

Applicants must be currently authorized to work in the United States on a full-time basis now and in the future.
This position doesn’t provide sponsorship.

Posted by: Ashton Corbett

Specialization: Cloud Security