Develop solutions leveraging tools and technology
Act as system administrator for certain security or GRC tools
Engage with security vendors on design sessions, and help configure GRC solutions for use
Work with IT partners in Application Security, Security Engineering and Operations, Enterprise Applications, Desktop Support, Help Desk, Networking and Infrastructure Operations, to get data and information needed to support GRC work
Stay current with threat intelligence and make recommendation for improvements
Participate in security incidents as needed
Support security assessment requests for customers, HITRUST, SOC 2, etc. by pulling appropriate data as needed

Bachelor's Degree in Computer Science or related discipline or advanced degree
4-6 years of relevant experience or advanced Degree
Security engineering experience, including implementing information security or cybersecurity solutions
Experience in working with security technology, tools, or processes such as phishing campaigns, vulnerability scans, IRPs, playbooks, IAM, PAM, MFA, RBAC, SSO, DLP, IDS/IPD, XDR, MDM, SIEM, threat hunting, etc.
Experience with one or more of the following frameworks: COSO, NIST CSF, RMF, ISO, COBIT
Experience working in an environment with one or more of the following: Health Insurance Portability and Accountability Act (HIPAA), Sarbanes-Oxley Act (SOX), Security Operation Center (SOC), Payment Card Industry (PCI), GRC
Experience working with IT partners and adequate exposure to their areas such as SSDLC, software engineering, infrastructure, networking, service desk, desktop support, security operations, etc.

Senior Engineer, Governance, Risk & Compliance – TPRM

Key skills