Job Description
Summary:
The Lead GRC Engineer is a strategic and execution-focused governance, risk, and compliance professional responsible for advancing key programs across PCI-DSS compliance, third-party risk management, policy governance, enterprise risk management, and security awareness. This role drives PCI audit readiness and execution, leads vendor due diligence and risk assessments, maintains cybersecurity policies and standards, coordinates phishing simulation initiatives, and supports compliance reporting and remediation activities. The position requires strong operational discipline, cross-functional partnership, and the ability to translate complex regulatory requirements into actionable business practices.
Primary Job Functions:
Leading
PCI-DSS audit readiness
with QSAs, evidence collection, and sustained compliance. Strengthening
enterprise risk management
with NIST RMF & ISO 27005, delivering actionable insights to leadership.
Exe...
The Lead GRC Engineer is a strategic and execution-focused governance, risk, and compliance professional responsible for advancing key programs across PCI-DSS compliance, third-party risk management, policy governance, enterprise risk management, and security awareness. This role drives PCI audit readiness and execution, leads vendor due diligence and risk assessments, maintains cybersecurity policies and standards, coordinates phishing simulation initiatives, and supports compliance reporting and remediation activities. The position requires strong operational discipline, cross-functional partnership, and the ability to translate complex regulatory requirements into actionable business practices.
Primary Job Functions:
Leading
PCI-DSS audit readiness
with QSAs, evidence collection, and sustained compliance. Strengthening
enterprise risk management
with NIST RMF & ISO 27005, delivering actionable insights to leadership.
Exe...