GRC Engineer

CyMax Technologies is your trusted partner in IT/ ICT and CS Solutions. Our expert team navigates cutting-edge technology to empower businesses like yours. We prioritize innovation, security, and reliability to help organizations achieve their goals. Customer-centricity, integrity, and proactive service are among our core values leading towards safeguarding your digital assets/ ventures to thrive in an increasingly connected world.

Role Summary

The GRC Engineer supports the implementation of the organization's GRC framework, conducting risk assessments, managing compliance programs, and ensuring alignment with regulatory standards. They implement GRC tools, collaborate with IT and security teams, and assist in audits and assessments. The role includes preparing technical reports for senior management and stakeholders.

Responsibilities

• Assist in the development and implementation of the organization's GRC framework from a technical and engineering perspective.
• Conduct technical risk assessments to identify vulnerabilities and risks within the organization's systems and infrastructure.
• Support the creation, maintenance, and execution of compliance programs, ensuring technical controls are aligned with regulatory requirements.
• Implement and manage GRC tools and software to support risk management, auditing, and compliance activities.
• Ensure that security measures and policies adhere to industry standards and internal guidelines.
• Support technical audits, internal controls, and assessments to verify compliance with legal, regulatory, and contractual obligations.
• Collaborate with IT, security teams, and third-party vendors to monitor, assess, and mitigate risks in the technical environment.
• Assist in the preparation and presentation of technical GRC reports for senior management and stakeholders.

Qualifications

• Minimum bachelor's degree in Information Security, Computer Science, Risk Management, or related field.

Experience & Skills

• Minimum 2+ years in a technical GRC, risk management, or compliance-related role.
• Strong understanding of governance, risk, and compliance frameworks (e.g., NIST, ISO 27001, SOC 2).
• Familiarity with risk management methodologies and tools to assess and track technical risks.
• Knowledge of regulatory standards and compliance requirements (e.g., GDPR, HIPAA, PCI-DSS).
• Strong analytical skills with the ability to assess complex security, compliance, and risk-related data.
• Familiarity with security controls, audits, and vulnerability management in IT environments.
• Ability to collaborate with cross-functional teams, including IT, legal, and security teams, to manage and reduce risk.
• Excellent problem-solving and communication skills, with the ability to explain technical concepts to non-technical stakeholders.