The Steely Group
http://www.thesteelygroup.com
IT GRC Security Engineer
Posted: 11/05/2025
2025-12-15
Employment Type:
Contract
Job Category: IT
Job Number: 4759
Job Description
The IT GRC Security Engineer will play a critical role in strengthening governance, risk, and compliance posture. This role leads initiatives in business resilience, third-party risk management, and continuous improvement of GRC programs. The ideal candidate is a strategic thinker with hands-on experience in risk assessments, regulatory compliance, and cross-functional collaboration.
Key Responsibilities
1. Business Resilience
- Conduct risk assessments and business impact analyses (BIA).
- Develop and implement business continuity and disaster recovery (BC/DR) plans.
- Design crisis management frameworks and incident response strategies.
- Ensure compliance with regulatory and industry standards (e.g., ISO, NIST, HIPAA).
- Facilitate resilience training, tabletop exercises, and testing programs.
- Collaborate with cross-functional teams to enhance organizational resilience.
2. Third-Party Risk Management
- Conduct security risk assessments of third-party vendors and service providers.
- Develop and maintain third-party risk management (TPRM) frameworks.
- Evaluate vendor security controls against industry benchmarks.
- Partner with procurement, legal, and IT teams to embed risk assessments into onboarding and contract workflows.
- Track and manage vendor risk findings, ensuring timely remediation.
3. GRC Program Improvement
- Advise stakeholders on regulatory compliance requirements.
- Monitor and evaluate the effectiveness of GRC programs and initiatives.
- Conduct performance assessments and identify areas for improvement.
- Implement enhancements to governance practices and risk management capabilities.
- Support the integration of IT security monitoring systems into GRC platforms for unified reporting.
4. Security Awareness
- Design and execute phishing simulation campaigns to assess user awareness and response.
- Develop and manage cybersecurity training programs using platforms like KnowBe4.
- Analyze training outcomes and adjust content to address gaps in security awareness.
- Promote a culture of security through ongoing education and engagement.
Qualifications
- Bachelor’s degree in Information Security, Computer Science, or a related field.
- 5+ years of experience in IT security, GRC, or risk management roles.
- Strong understanding of regulatory frameworks (e.g., GDPR, SOX, HIPAA).
- Experience with BC/DR planning and third-party risk assessments.
- Excellent communication and stakeholder engagement skills.
Tools and Platforms
- LogicGate – GRC workflow automation and risk tracking.
- SecurityScorecard – Vendor cybersecurity ratings and external risk monitoring.
- Microsoft Purview – Data governance, compliance, and information protection.
- KnowBe4/Mimecast – Security awareness training and phishing simulation management.