An employer in San Diego is seeking a Governance, Risk, and Compliance (GRC) Engineer. This role involves managing the compliance and risk posture of information assets within the County of San Diego. Responsibilities include ensuring applications and third-party vendors comply with security standards, overseeing risk management, and maintaining policy and process documentation. The GRC Engineer will act as a trusted advisor, participate in meetings, offer ideas, and negotiate terms with architects and stakeholders. They will manage the risk register, conduct internal security assessments, host external auditors, and review security aspects of solution designs. The candidate must assess hardware, software, and systems for security risks and work with staff and vendors to recommend solutions. This position can be remote but requires availability to work PST.
We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to
Human Resources Request Form. The EEOC "Know Your Rights" Poster is available
here.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy:
https://insightglobal.com/workforce-privacy-policy/ .
5-8 years in IT relevant role(s) with 3-5 years specifically in Cyber Security
Understanding of NIST 800-53 framework and experience with control sets
Experience utilizing risk management tools and/or risk register
Experience with completing compliance assessments for projects and solutions
Great communication and documentation skills, both written and verbal
Bachelors degree in information technology, Cybersecurity, or a related field.
CISSP, CISA, CISM, CRISC, CEH, GPEN, GCIA certifications etc.
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.