Governance, Risk, and Compliance Engineer

Job Summary

Required Qualifications

• Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or a related field (additional relevant experience may substitute for formal education)
• Minimum of NINE (9) or more years of progressively responsible experience in cybersecurity GRC, compliance engineering, risk management, or related enterprise technology roles
• Certified in Governance, Risk and Compliance (CGRC) (active)
• Certified Information Systems Security Professional (CISSP) (active)
• Demonstrated experience designing and implementing enterprise GRC platforms and compliance automation solutions
• Strong working knowledge of cybersecurity governance, risk management, and assessment processes within regulated environments
• Experience translating complex regulatory and control requirements into technical architectures and automated workflows
• Experience with leading GRC platforms (e.g., ServiceNow, Qmulos, Archer, or similar enterprise tools)
• Must be able to OBTAIN and MAINTAIN a Federal or DoD PUBLIC TRUST; candidates must obtain approved adjudication prior to onboarding
• Candidates with an ACTIVE PUBLIC TRUST or SUITABILITY and maintain an active HHS/NIH clearance are preferred
• Excellent written and verbal communication skills, including the ability to brief senior executives and technical stakeholders
• Experience supporting federal civilian, defense, or regulated commercial clients (nice-to-have)
• Additional certifications such as CISM, CISA, CCSP, or cloud security credentials (nice-to-have)
• Prior consulting experience with responsibility for client engagement, delivery assurance, and team leadership (nice-to-have)

Additional Requirements

• Note: Clearance requirements and ability to obtain/maintain Public Trust is a gating factor