GRC- Cyber Security Engineer

ISITE TECHNOLOGIES is seeking a GRC- Cyber Security Engineer. The role involves implementing and managing enterprise GRC platforms, developing risk management frameworks, and ensuring compliance with data privacy regulations.

Responsibilities:

• Proven experience implementing or managing enterprise GRC platforms
• Expertise in developing and implementing risk management frameworks and conducting Cyber Security Risk Assessments, Threat Modelling, and control testing
• Demonstrated experience in designing and implementing data privacy programs and managing compliance with major regulations (GDPR, CCPA, etc.)
• Authored and managed the lifecycle of information security policies, standards, and procedures
• Experience in developing and maturing Third-Party Risk Management (TPRM) programs and platforms
• Understanding of cloud security governance and compliance management principles (e.g., Cloud Security Posture Management - CSPM)
• Excellent analytical, strategic thinking, and problem-solving skills
• Superior communication and presentation skills, with the ability to influence senior leadership and articulate complex risk concepts to diverse audiences

Requirements:

• Experience in Cyber Security GRC, Information Security Risk Management, Data Privacy, and Technology Audit
• Proven experience implementing or managing enterprise GRC platforms
• Expertise in developing and implementing risk management frameworks and conducting Cyber Security Risk Assessments, Threat Modelling, and control testing
• Strong knowledge of AI governance and security, including experience assessing risks in AI/ML models and data pipelines and familiarity with frameworks like the NIST AI Risk Management Framework and OWASP Top 10 for LLMs
• Demonstrated experience in designing and implementing data privacy programs and managing compliance with major regulations (GDPR, CCPA, etc.)
• Authored and managed the lifecycle of information security policies, standards, and procedures
• Experience in developing and maturing Third-Party Risk Management (TPRM) programs and platforms
• Understanding of cloud security governance and compliance management principles (e.g., Cloud Security Posture Management - CSPM)
• Excellent analytical, strategic thinking, and problem-solving skills
• Superior communication and presentation skills, with the ability to influence senior leadership and articulate complex risk concepts to diverse audiences
• Certifications: CMMC, (Mandatory)CCP, CCA, LCCA