Franklin Fitch
Information Security Engineer – GRC & Security Engineering
We’re looking for a hands‑on Information Security Engineer with deep GRC expertise to join a leading financial organization. This role combines technical security engineering with governance, risk, and compliance, supporting enterprise‑wide compliance initiatives and automation programs.
About the Role
You’ll work across security and compliance domains, implementing and automating controls, integrating GRC platforms, and embedding compliance into enterprise systems. You’ll support ISO 27001, NIST, SOC 2, SOX, PCI DSS, GDPR, and HIPAA programs while collaborating with security, IT, and business teams.
Responsibilities
Lead implementation and automation of GRC platforms (RSA Archer, ServiceNow GRC, BitSight, ProcessUnity, Vanta)
Support SIEM monitoring, incident response, and technical controls aligned with compliance frameworks
Embed risk and compliance controls into enterprise systems and IT processes
Assist with audits, regulatory assessments, and reporting to demonstrate governance effectiveness
Drive improvements in risk management processes through technology and automation
Requirements
5+ years’ experience in information security engineering or technical GRC roles
Hands‑on experience with GRC platforms and automation (RSA Archer, ServiceNow, BitSight, etc.)
Solid understanding of regulatory and compliance frameworks (ISO 27001, NIST, SOC 2, SOX, PCI DSS, GDPR, HIPAA)
CISSP or equivalent security certification preferred
Proven track record of embedding compliance into enterprise systems and leading automation initiatives
If you’re an experienced Infosec Engineer with a GRC background, this is a unique opportunity to combine hands‑on engineering with compliance and risk leadership.
Seniority Level: Associate
Employment Type: Contract
Job Function: Information Technology
Industries: IT Services and IT Consulting
Benefits
Medical insurance
Vision insurance
Paid maternity leave
Paid paternity leave
Child care support
Pension plan
Tuition assistance
Student loan assistance
401(k)