$100,000–$130,000 Per Year
Administrative Skills, Analysis Skills, Auditing, Automation, CISA - Certified Information Systems Auditor, CompTIA Security+, Consulting, Detail Oriented, Document Management, External Audit, ISO (International Organization for Standardization), Industry Standards, Information Technology & Information Systems, Information Technology/Systems Audit, Internal Audit, Internet Security, Leadership, Maintain Compliance, Metrics, Process Improvement, Regulatory Compliance, Regulatory Requirements, Reporting Dashboards, Risk, Risk Analysis, Risk Management, Security Auditing, ServiceNow, Systems Analysis, Team Player, U.S. National Institute of Standards and Technology (NIST), United States Department of Energy (DOE)
Cybersecurity GRC Engineer
Salt Lake City, Utah
Direct Placement
$100K to $130K annually DOE + bonus
Summary
We are seeking a detail-oriented Cybersecurity GRC Engineer to support and enhance our Governance, Risk, and Compliance (GRC) program. This role is responsible for conducting risk assessments, supporting audits, maintaining security controls and documentation, and helping ensure compliance with regulatory and industry standards. The ideal candidate is analytical, collaborative, and experienced in translating cybersecurity risks into actionable business outcomes.
Responsibilities
- Conduct cybersecurity risk assessments for systems, applications, and vendors.
- Support internal and external audits, including evidence collection and remediation tracking.
- Identify control gaps, document risks, and assist with mitigation plans.
- Maintain the enterprise risk register and track risk status.
- Support compliance with industry frameworks and regulatory requirements.
- Maintain cybersecurity policies, standards, and control documentation.
- Map and validate controls against frameworks such as NIST CSF, ISO 27001, and CIS.
- Develop GRC metrics, dashboards, and reports for leadership.
- Partner with IT and business teams to drive risk awareness and remediation efforts.
- Support GRC tool administration, process improvements, and automation initiatives.
Requirements- Bachelor's degree in Cybersecurity, Information Technology, Risk Management, or a related field.
- 3+ years of experience in cybersecurity, governance, risk, compliance, or IT audit.
- Experience performing risk assessments, supporting audits, and managing compliance activities.
- Working knowledge of NIST CSF, ISO 27001, CIS Controls, or similar security frameworks.
- Strong analytical, documentation, and organizational skills.
Bonus Skills- Certifications such as Security+, CISA, CRISC, or similar.
- Experience with GRC platforms such as ServiceNow GRC, Archer, Drata, Vanta, or equivalent.
- Experience with control testing, vendor risk management, and regulatory compliance programs.
- Familiarity with cybersecurity metrics, reporting, and automation tools.
Welcome to ConsultNet, a premier national provider of technology talent and solutions. Our expertise spans across project services, contract-to-hire, direct search, and managed services onshore, nearshore, and hybrid. For over 25 years, we have connected thousands of consultants with meaningful roles through a personal, communication-driven approach, partnering with a diverse client base to build high-performing teams and create lasting impact. Our comprehensive service offerings cover a wide range of technology and engineering positions across key markets nationwide. Learn more at www.consultnet.com .
We champion equality and inclusivity, proudly supporting an Equal Opportunity Employer policy. We welcome applicants regardless of Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other status protected by law.