What you’ll achieve:
The Governance, Risk, and Compliance Engineer will play a pivotal role in ensuring the organization's adherence to regulations and standards, as well as managing and mitigating risks. As a GRC Engineer, you will be responsible for implementing and maintaining our governance, risk management, and compliance program. Your expertise will enable us to effectively identify and manage risks, ensure compliance with regulations and industry standards, and maintain a strong governance framework.
Essential Duties
Support and lead Outseer governance, risk management, and compliance program globally, aligning with relevant regulations, industry standards, and best practices.
Conduct regular risk assessments, identify potential vulnerabilities, and implement strategies to mitigate risks across the organization.
Lead and coordinate third-party security audits, and act as the primary point of contact for customer security reviews.
Recommend and maintain policies, procedures, and controls to ensure compliance with applicable regulations, standards, and internal requirements.
Monitor and assess changes in regulatory requirements and industry standards and ensure timely updates to the compliance program.
Collaborate with cross-functional teams to integrate risk management and compliance controls into business processes, applications, and systems.
Conduct compliance audits, assessments, and gap analyses to identify areas for improvement and implement remediation plans.
Coordinate and manage third-party assessments, audits, and certifications, ensuring compliance with contractual obligations.
Provide guidance and support to stakeholders regarding risk management, compliance requirements, and governance practices.
Demonstrate an automation-first mindset, leveraging modern AI technologies to enhance GRC processes.
Deliver training programs to educate employees on risk awareness, compliance obligations, and best practices.
Stay updated with emerging trends and changes in the governance, risk, and compliance landscape, and proactively recommend improvements to enhance the effectiveness of the program.
Desired Requirements
Bachelor’s degree in Computer Science, Information Security, Risk Management, or a related field, or equivalent work experience.
8+ years of experience in governance, risk management, and compliance roles, with a focus on information security and technology.
Knowledge of regulatory frameworks and standards such as ISO 27001, NIST Cybersecurity Framework, GDPR, HIPAA, or PCI DSS.
Experience implementing governance frameworks, risk assessment methodologies, and compliance programs.
Familiarity with risk assessment techniques, including the identification, analysis, and treatment of risks.
Demonstrated experience conducting compliance audits, assessments, and managing remediation efforts.
Knowledge of security controls, industry best practices, and risk management frameworks.
Strong understanding of business processes, systems, and technologies, and their associated risks.
Excellent communication and interpersonal skills, with the ability to effectively collaborate with stakeholders at all levels of the organization.
Professional certifications such as CISA, CRISC, CISSP, or CISM are highly desirable.
Desired Behaviors
Adaptability:
Demonstrates flexibility and openness to change. Actively seeks and adopts improved approaches and processes.
Proactive Action:
Takes initiative and is driven by results. Takes ownership of actions and outcomes, meeting commitments and striving for high performance.
Effective Workload Management:
Makes timely decisions, prioritizes tasks effectively, solves problems, monitors results, and takes corrective action when necessary.
Technical Proficiency:
Possesses a solid understanding of their role and responsibilities, demonstrating competence in performing tasks and utilizing relevant technical skills.
Continuous Learning:
Takes personal responsibility for learning and development. Recognizes personal strengths and areas for improvement, actively seeks feedback, and embraces opportunities to learn.
Effective Communication:
Demonstrates strong facilitation and written communication skills. Clearly articulates ideas and proposals, actively listens to colleagues' perspectives, and values diverse viewpoints.
Collaboration:
Shares information, fosters teamwork, and contributes to a positive work environment. Actively collaborates with others and encourages a sense of unity and cooperation among team members.
Ethical Conduct and Competence:
Acts with integrity and intent, displaying ethical character in all actions. Takes accountability for one's own behavior and aligns actions with the company's values and principles.
Good Citizenship:
Represents the values and interests of Outseer. Acts as a positive ambassador for the company and contributes to the overall well-being and success of the organization.