Lead Cybersecurity GRC Engineer-6
Remote, New York 10048
Posted April 9th, 2026
Job Type: Full Time
Job Category: IT
Job Description
Role: Lead Cybersecurity GRC Engineer
Location: Remote FTE
Must Have Technical/Functional Skills
- CISSP certification strongly preferred (or equivalent demonstrated experience).
- Additional certifications such as CISA, CISM are a plus.
- Experience with GRC platforms such as:
  - ServiceNow IRM / GRC
  - Archer
  - 6clicks
  - Other comparable GRC tools
- Prior exposure to regulated financial services environments (Banking / Insurance).
Roles & Responsibilities
- Lead and oversee cybersecurity risk remediation and governance initiatives aligned with enterprise risk and compliance requirements.
- Interpret security policies, standards, and regulatory requirements, and apply them effectively to enterprise assets and environments.
- Identify control gaps, non-compliance issues, and deviations, and drive remediation efforts to closure.
- Perform and guide security control testing, including:
  - Test of Design (ToD)
  - Test of Effectiveness (ToE)
- Provide remediation guidance across key cybersecurity domains, including but not limited to:
  - Secure architecture and security design
  - Security testing and validation
  - Secure coding and code compliance
  - Business Continuity Planning (BCP) and Disaster Recovery (DR)
  - Third-Party Risk Management (TPRM)
- Partner with technical, risk, and business stakeholders to gather and validate evidence supporting remediation and compliance activities.
- Prepare and maintain high-quality documentation such as:
  - Policies, procedures, and SOPs
  - Remediation plans and guidance documents
  - Risk and compliance reports
- Present findings, recommendations, and remediation strategies to senior stakeholders and decision-makers.
- Influence outcomes through clear, tactful, and data-driven communication.
- Support compliance and audit activities; prior audit engagement experience is highly desirable.
Generic Managerial Skills, If any
- Minimum 8 years of experience in Cybersecurity and GRC, spanning multiple security domains (CISSP domains may be used as a reference framework).
- Strong hands-on experience in risk remediation, particularly across security design, testing, compliance, BCP/DR, and third-party risk.
- Proven ability to translate policy and regulatory requirements into actionable remediation steps.
- Demonstrated experience in control testing (ToD and ToE).
- Excellent verbal and written communication skills, with experience engaging senior leaders within banking or insurance organizations.
- Strong analytical and documentation skills with a track record of producing professional, client-ready deliverables.
- Experience advising on remediation strategies and risk treatment options.
Required Skills
CLOUD SECURITY ENGINEER SENIOR EMAIL SECURITY ENGINEER