Lead Cybersecurity GRC Engineer-6
Remote, New York 10048 Posted April 9th, 2026
Looking for more job opportunities? Click here!
Job Type: Full Time
Job Category: IT
Job Description
Role: Lead Cybersecurity GRC Engineer
Location: Remote
FTE
Job Description
Must Have Technical/Functional Skills
• CISSP certification strongly preferred (or equivalent demonstrated experience).
• Additional certifications such as CISA, CISM are a plus.
• Experience with GRC platforms such as:
• ServiceNow IRM / GRC
• Archer
• 6clicks
• Other comparable GRC tools
• Prior exposure to regulated financial services environments (Banking / Insurance).
Roles & Responsibilities
Lead and oversee cybersecurity risk remediation and governance initiatives aligned with enterprise risk and compliance requirements.
• Interpret security policies, standards, and regulatory requirements, and apply them effectively to enterprise assets and environments.
• Identify control gaps, non-compliance issues, and deviations, and drive remediation efforts to closure.
• Perform and guide security control testing, including:
• Test of Design (ToD)
• Test of Effectiveness (ToE)
• Provide remediation guidance across key cybersecurity domains, including but not limited to:
• Secure architecture and security design
• Security testing and validation
• Secure coding and code compliance
• Business Continuity Planning (BCP) and Disaster Recovery (DR)
• Third-Party Risk Management (TPRM)
• Partner with technical, risk, and business stakeholders to gather and validate evidence supporting remediation and compliance activities.
• Prepare and maintain high-quality documentation such as:
• Policies, procedures, and SOPs
• Remediation plans and guidance documents
• Risk and compliance reports
• Present findings, recommendations, and remediation strategies to senior stakeholders and decision-makers.
• Influence outcomes through clear, tactful, and data-driven communication.
• Support compliance and audit activities; prior audit engagement experience is highly desirable.
Generic Managerial Skills, If any
• Minimum 8 years of experience in Cybersecurity and GRC, spanning multiple security domains (CISSP domains may be used as a reference framework).
• Strong hands-on experience in risk remediation, particularly across security design, testing, compliance, BCP/DR, and third-party risk.
• Proven ability to translate policy and regulatory requirements into actionable remediation steps.
• Demonstrated experience in control testing (ToD and ToE).
• Excellent verbal and written co mmunication skills, with experience engaging senior leaders within banking or insurance organizations.
• Strong analytical and documentation skills with a track record of producing professional, client-ready deliverables.
• Experience advising on remediation strategies and risk treatment options.
Required Skills
CLOUD SECURITY ENGINEER
SENIOR EMAIL SECURITY ENGINEER
Apply tot his job
Apply To this Job
Looking for more job opportunities? Click here!
Job Type: Full Time
Job Category: IT
Job Description
Role: Lead Cybersecurity GRC Engineer
Location: Remote
FTE
Job Description
Must Have Technical/Functional Skills
• CISSP certification strongly preferred (or equivalent demonstrated experience).
• Additional certifications such as CISA, CISM are a plus.
• Experience with GRC platforms such as:
• ServiceNow IRM / GRC
• Archer
• 6clicks
• Other comparable GRC tools
• Prior exposure to regulated financial services environments (Banking / Insurance).
Roles & Responsibilities
Lead and oversee cybersecurity risk remediation and governance initiatives aligned with enterprise risk and compliance requirements.
• Interpret security policies, standards, and regulatory requirements, and apply them effectively to enterprise assets and environments.
• Identify control gaps, non-compliance issues, and deviations, and drive remediation efforts to closure.
• Perform and guide security control testing, including:
• Test of Design (ToD)
• Test of Effectiveness (ToE)
• Provide remediation guidance across key cybersecurity domains, including but not limited to:
• Secure architecture and security design
• Security testing and validation
• Secure coding and code compliance
• Business Continuity Planning (BCP) and Disaster Recovery (DR)
• Third-Party Risk Management (TPRM)
• Partner with technical, risk, and business stakeholders to gather and validate evidence supporting remediation and compliance activities.
• Prepare and maintain high-quality documentation such as:
• Policies, procedures, and SOPs
• Remediation plans and guidance documents
• Risk and compliance reports
• Present findings, recommendations, and remediation strategies to senior stakeholders and decision-makers.
• Influence outcomes through clear, tactful, and data-driven communication.
• Support compliance and audit activities; prior audit engagement experience is highly desirable.
Generic Managerial Skills, If any
• Minimum 8 years of experience in Cybersecurity and GRC, spanning multiple security domains (CISSP domains may be used as a reference framework).
• Strong hands-on experience in risk remediation, particularly across security design, testing, compliance, BCP/DR, and third-party risk.
• Proven ability to translate policy and regulatory requirements into actionable remediation steps.
• Demonstrated experience in control testing (ToD and ToE).
• Excellent verbal and written co mmunication skills, with experience engaging senior leaders within banking or insurance organizations.
• Strong analytical and documentation skills with a track record of producing professional, client-ready deliverables.
• Experience advising on remediation strategies and risk treatment options.
Required Skills
CLOUD SECURITY ENGINEER
SENIOR EMAIL SECURITY ENGINEER
Apply tot his job
Apply To this Job