Lead Cybersecurity GRC Engineer
Diverse Lynx, Minneapolis, MN, United States
Job Title: Lead Cybersecurity GRC Engineer
Location: Minneapolis, MN (Onsite)
Job Type: Full Time
Job Description: Must Have Technical/Functional Skills • CISSP certification strongly preferred (or equivalent demonstrated experience). • Additional certifications such as CISA, CISM are a plus. • Experience with GRC platforms such as: • ServiceNow IRM / GRC • Archer • 6clicks • Other comparable GRC tools • Prior exposure to regulated financial services environments (Banking / Insurance).
Roles & Responsibilities Lead and oversee cybersecurity risk remediation and governance initiatives aligned with enterprise risk and compliance requirements. • Interpret security policies, standards, and regulatory requirements, and apply them effectively to enterprise assets and environments. • Identify control gaps, non-compliance issues, and deviations, and drive remediation efforts to closure. • Perform and guide security control testing, including: • Test of Design (ToD) • Test of Effectiveness (ToE) • Provide remediation guidance across key cybersecurity domains, including but not limited to: • Secure architecture and security design • Security testing and validation • Secure coding and code compliance • Business Continuity Planning (BCP) and Disaster Recovery (DR) • Third-Party Risk Management (TPRM) • Partner with technical, risk, and business stakeholders to gather and validate evidence supporting remediation and compliance activities. • Prepare and maintain high-quality documentation such as: • Policies, procedures, and SOPs • Remediation plans and guidance documents • Risk and compliance reports • Present findings, recommendations, and remediation strategies to senior stakeholders and decision-makers. • Influence outcomes through clear, tactful, and data-driven communication. • Support compliance and audit activities; prior audit engagement experience is highly desirable.
Diverse Lynx LLC is an Equal Employment Opportunity employer. All qualified applicants will receive due consideration for employment without any discrimination. All applicants will be evaluated solely on the basis of their ability, competence and their proven capability to perform the functions outlined in the corresponding role. We promote and support a diverse workforce across all levels in the company.
Job Description: Must Have Technical/Functional Skills • CISSP certification strongly preferred (or equivalent demonstrated experience). • Additional certifications such as CISA, CISM are a plus. • Experience with GRC platforms such as: • ServiceNow IRM / GRC • Archer • 6clicks • Other comparable GRC tools • Prior exposure to regulated financial services environments (Banking / Insurance).
Roles & Responsibilities Lead and oversee cybersecurity risk remediation and governance initiatives aligned with enterprise risk and compliance requirements. • Interpret security policies, standards, and regulatory requirements, and apply them effectively to enterprise assets and environments. • Identify control gaps, non-compliance issues, and deviations, and drive remediation efforts to closure. • Perform and guide security control testing, including: • Test of Design (ToD) • Test of Effectiveness (ToE) • Provide remediation guidance across key cybersecurity domains, including but not limited to: • Secure architecture and security design • Security testing and validation • Secure coding and code compliance • Business Continuity Planning (BCP) and Disaster Recovery (DR) • Third-Party Risk Management (TPRM) • Partner with technical, risk, and business stakeholders to gather and validate evidence supporting remediation and compliance activities. • Prepare and maintain high-quality documentation such as: • Policies, procedures, and SOPs • Remediation plans and guidance documents • Risk and compliance reports • Present findings, recommendations, and remediation strategies to senior stakeholders and decision-makers. • Influence outcomes through clear, tactful, and data-driven communication. • Support compliance and audit activities; prior audit engagement experience is highly desirable.
Diverse Lynx LLC is an Equal Employment Opportunity employer. All qualified applicants will receive due consideration for employment without any discrimination. All applicants will be evaluated solely on the basis of their ability, competence and their proven capability to perform the functions outlined in the corresponding role. We promote and support a diverse workforce across all levels in the company.