Job Description
An employer in San Diego is looking for a Governance, Risk, and Compliance (GRC) Engineer to join their team. This individual is responsible for reviewing, assessing, documenting, and managing the compliance and risk posture of information assets within the County of San Diego. This person will make sure that applications and 3rd party vendors are up to date and in compliance with specific security standards. They will oversee end-to-end risk management, assess solution risk, and manage all policy and process documentation. This individual will act as a trusted advisor, sit in on meetings, offer ideas, and negotiate terms and requirements with architects, stakeholders, etc. They will be the voice of compliance. In this role, they will manage the risk register, perform internal security assessments, host external auditors, and review solution designs in relation to security. They must be able to assess computer hardware, software, and systems for security risks or violations and work with staff and technology vendors to recommend solutions. This person can work remotely.
Required Skills & Experience
5-8 years in IT relevant role(s) with 3-5 years specifically in Cyber Security
Knowledge and understanding of RMF (Risk Management Framework)
Understanding of NIST 800-53 Rev 5, HIPPA, PHI, or FTI
Experience utilizing SIEM tools (i.e. Arcsight, QRadar) Sourcefire, FireEye, Snort or an equivalent tool
Experience granting access and monitoring security using Multi factor authentication
Great communication and documentation skills, both written and verbal
Bachelor's or post graduate degree in a technical field
Nice to Have Skills & Experience
CISSP, CISA, CRISC, CEH, GPEN, GCIA certifications etc.
ServiceNow IRM
OneTrust VRM (IRM tool)
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.