Cybersecurity GRC Specialist at Jobgether – United States
About This Position
This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Cybersecurity GRC Specialist in the United States.
This role offers an exciting opportunity to strengthen and manage an organization’s Technology Governance, Risk, and Compliance (GRC) program. The Cybersecurity GRC Specialist will play a critical role in identifying, assessing, and mitigating technology and cybersecurity risks while ensuring adherence to regulatory requirements, industry standards, and internal policies. You will work closely with IT, legal, procurement, and business teams to integrate security best practices across systems, applications, and third-party engagements. This position combines hands-on risk management, policy development, and compliance oversight with a focus on proactive security and incident prevention. Ideal candidates are skilled in IT risk frameworks, cybersecurity practices, and vendor risk management, with the ability to communicate technical concepts to non-technical stakeholders. You will also contribute to continuous improvement initiatives, helping to enhance the overall security posture of the organization.
Responsibilities:
Develop, implement, and maintain the IT risk management and cybersecurity governance framework.
Conduct risk assessments to identify potential threats, vulnerabilities, and business impacts across systems, networks, and data environments.
Establish, maintain, and enforce IT security policies, standards, and procedures in alignment with regulations and industry best practices.
Provide guidance on secure system and application design, partnering with IT teams to ensure proper security controls are implemented.
Support third-party risk management, evaluating vendor security practices and ensuring compliance with organizational standards.
Assist in incident response planning, investigations, and remediation, contributing to organizational resilience.
Communicate technology and security risks effectively to leadership and stakeholders, translating technical information into actionable business insights.
Participate in audits, questionnaire responses, and contract security reviews to ensure regulatory compliance and risk mitigation.
Requirements:
5+ years of experience in IT Governance, Risk, Compliance (GRC), cybersecurity, or information security.
Bachelor’s degree in Computer Science, Information Security, or a related field preferred.
Security certifications such as CISSP, CISA, CRISC, or equivalent strongly preferred.
Experience with third-party risk management programs and the ISO 27001:2022 framework.
Demonstrated ability to lead projects, initiatives, or mentor team members.
Strong understanding of regulatory requirements, risk frameworks, and industry best practices.
Excellent verbal and written communication skills, with the ability to engage both technical and non-technical audiences.
Analytical, detail-oriented, and proactive with a strong sense of ownership.
Occasional travel may be required (10% or less).
Benefits:
Competitive annual salary range: $105,000–$115,000.
Fully remote work within the United States.
Comprehensive health coverage including medical, dental, vision, and life insurance.
Retirement plan options including 401(k) with company contributions.
Paid time off and holidays.
Professional development and growth opportunities.
Engaging and collaborative work environment focused on security and risk management.