15 hours ago

GRC Engineer

NEOGOV

Hybrid
Full Time
$140,000

Job Overview

Job Title: GRC Engineer
Job Type: Full Time
Category: Commerce
Experience: 5 Years
Degree: Master
Offered Salary: $140,000
Location: Hybrid

Job Description

About NEOGOV

This GRC Engineer role is remote from anywhere in the US.

NEOGOV is a fast-growing SaaS leader in the Public Sector with a mission to serve the people who serve the people. Our clients use our software to manage their employee lifecycle from hire to retire by streamlining processes in our centralized platform. We are passionate about technology, focused on customer success, and have an entrepreneurial environment where innovation is encouraged and rewarded.

NEOGOV is one of the top 50 fastest growing private software companies in the U.S. We are looking for top talent to make significant contributions to our products, technology, and customers.

We are seeking a GRC Engineer to ensure governance, risk, and compliance across our corporate and customer-facing environments. You will collaborate across the organization to embed security compliance into all processes, while building automated workflows that will provide continuous compliance and real-time reporting to our internal and external customers and regulators.

What You Will Do

  • Automate Compliance: Configure and maintain our GRC platform to automate evidence collection across environments, ensuring 24/7 visibility into our control environment.
  • Federal Authorization: Lead the execution of our FedRAMP Moderate authorization lifecycle, including authoring System Security Plans and managing POAMs.
  • Framework Management: Maintain and automate compliance with standards such as SOC2 Type II, HIPAA, CJIS and additional regulatory and privacy requirements across multi-cloud environments.
  • Policy Development: Draft, implement and enforce clear security and compliance policies.
  • Third Party Risk Management: Evaluate the security posture of third-party vendor services and software, while driving efficiencies through automated reviews and control validation.
  • Compliance-as-Code: Partner with DevOps and Engineering to integrate compliance checks into CI/CD pipelines ensuring security controls are a fundamental part of the software development lifecycle.
  • Continuous Monitoring: Oversee our continuous monitoring program and end-to-end lifecycle management of our GRC platform while regularly reporting updates to internal and external stakeholders.
  • Business Resiliency: Develop, maintain, and regularly test comprehensive Business Continuity (BCP) and Disaster Recovery (DR) plans, ensuring all documentation is up to date and aligns with organizational risks, regulatory requirements, and industry standards.
  • Audit Leadership: Act as the primary technical point of contact for audit engagements and customers during assessments.
  • Cross-functional Collaboration: Partner with IT, Legal, Engineering, Sales, Services, and HR to provide technical and GRC expertise, translate requirements, and ensure alignment for internal and external GRC systems and controls.

Who You Are

  • A strong communicator who values cross-functional collaboration.
  • A proactive contributor with a mindset for continuous improvement.

What You Have

  • Bachelor’s degree in Computer Science, Information Technology, Cybersecurity or a related field.
  • Minimum of 7 years of experience in GRC, Information Security, IT Audit or Engineering.
  • Strong understanding of industry standard frameworks, regulations and programs, including NIST 800-53, FedRAMP, GovRAMP, HIPAA and CJIS.
  • Strong understanding of cloud environments and experience with scripting and automation.
  • Hands-on experience using GRC automation tools to scale compliance programs.
  • Able to translate regulatory requirements into action.
  • CISSP, CISA, or AWS/Azure Security certifications.

What NEOGOV Offers

  • Comprehensive Benefits package (medical, dental, vision, etc.) for full-time employees.
  • Generous PTO to support work-life balance.
  • Remote working opportunities.
  • 401K Matching.
  • Autonomy to grow and find your career path with supportive leadership.
  • 12-week Paid Parental Leave.
  • Inclusive and diverse environment.

Key skills/competency

  • GRC Automation
  • FedRAMP Compliance
  • NIST 800-53
  • Cloud Security
  • SOC2
  • HIPAA
  • CJIS
  • Information Security
  • Audit Management
  • Policy Development


How to Get Hired at NEOGOV

  • Research NEOGOV's culture: Study their mission, values, recent news, and employee testimonials on LinkedIn and Glassdoor.
  • Tailor your resume for GRC Engineer: Highlight experience with FedRAMP, SOC2, HIPAA, and cloud security frameworks.
  • Showcase automation and GRC platform skills: Emphasize hands-on experience with compliance automation and scripting.
  • Prepare for technical and behavioral interviews: Be ready to discuss specific GRC projects and cross-functional collaboration.
  • Demonstrate proactive problem-solving: Illustrate your continuous improvement mindset in governance and risk.
