CrawlJobs Logo
Ethics HR Logo Ethics HR · IT - Administration

GRC Engineer

Egypt, New Cairo · Job Posted March 05, 2026
Apply Position
Job Link Share

Job Responsibility

  • Perform security reviews, identify gaps in security architecture, and develop a security risk management plan
  • Perform risk analysis (e.g., threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a major change
  • Plan and conduct security authorization reviews and assurance case development for new and existing installation of systems and networks to confirm that risk is within acceptable limits
  • Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials)
  • Verify and update security documentation reflecting the application/system security design features
  • Verify that application software/network/system security postures are implemented as stated, document deviations, and recommend required actions to correct those deviations
  • Develop security compliance processes and/or audits for external services (e.g., cloud service providers, data centers)
  • Participate in Risk Governance process to provide security risks, mitigations, and input on other technical risk
  • Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc
  • Assure successful implementation and functionality of security requirements and appropriate IT policies and procedures that are consistent with the organization's mission and goals
  • Ensure that security design and cybersecurity development activities are properly documented (providing a functional description of security implementation) and updated as necessary
  • Support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs)
  • Ensure that all acquisitions, procurements, and outsourcing efforts address information security requirements consistent with organization goals
  • Conduct interactive training exercises to create an effective learning environment
  • Develop new or enhance existing awareness and training materials that are appropriate for intended audiences

Requirements

  • Bachelor’s degree in engineering, Computer Science, Cyber Security, or any related field from a reputable university
  • Preferably have one of the following certifications: CCNA Security, CompTIA Security +, CISA, ISA27001
  • Fluency in Arabic and English
  • Fresh graduates with cybersecurity related certificate to 1 year experience in information security
  • Ability to: Identify systemic security issues based on the analysis of vulnerability and configuration data
  • Answer questions in a clear and concise manner
  • Ask clarifying questions
  • Communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means
  • Design valid and reliable assessments
  • Apply critical reading/thinking skills
  • Evaluate information for reliability, validity, and relevance
  • Function in a collaborative environment, seeking continuous consultation with others
  • Interpret and apply laws, regulations, policies, and guidance relevant to organization cyber objectives
  • Interpret and understand complex and rapidly evolving concepts
  • Monitor advancements in information privacy technologies to ensure organizational adaptation and compliance
  • Relate strategy, business, and technology in the context of organizational dynamics
  • Apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)
  • Knowledge of: Computer networking concepts and protocols, and network security methodologies
  • Risk management processes (e.g., methods for assessing and mitigating risk)
  • Laws, regulations, policies, and ethics as they relate to cybersecurity and privacy
  • Cybersecurity and privacy principles
  • Cyber threats and vulnerabilities
  • Specific operational impacts of cybersecurity lapses
  • Authentication, authorization, and access control methods
  • Applicable business processes and operations of bank
  • Cyber defense and vulnerability assessment tools and their capabilities
  • Cryptography and cryptographic key management concepts
  • Data backup and recovery
  • Database systems
  • Business continuity and disaster recovery continuity of operations plans
  • Organization's enterprise information security architecture
  • Organization's Local and Wide Area Network connections
  • Security Assessment and Authorization process
  • Cybersecurity and privacy principles used to manage risks related to the use, processing, storage, and transmission of information or data
  • Cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)
  • Risk Management Framework (RMF) requirements
  • Current industry methods for evaluating, implementing, and disseminating IT security assessment, monitoring, detection, and remediation tools and procedures
  • Network access, identity, and access management (e.g., PKI, Oauth, OpenID, SAML, SPML)
  • New and emerging information technology (IT) and cybersecurity technologies
  • System and application security threats and vulnerabilities (e.g., buffer overflow,)
  • Systems diagnostic tools and fault identification techniques
  • Enterprise information technology (IT) architecture
  • Organization’s enterprise information technology (IT) goals and objectives
  • Supply Chain Risk Management Practices (NIST SP 800-161)
  • Organization's core business/mission processes
  • Information technology (IT) supply chain security and supply chain risk management policies, requirements, and procedures
  • Critical infrastructure systems with information communication technology that were designed without system security considerations
  • Network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth)
  • Security architecture concepts and enterprise architecture reference models
  • Security models (e.g., Bell-LaPadula model, Biba integrity model, Clark-Wilson integrity model)
  • Personally Identifiable Information (PII) data security standards
  • Payment Card Industry (PCI) data security standards
  • An organization's information classification program and procedures for information compromise
  • Controls related to the use, processing, storage, and transmission of data
  • Application Security Risks (e.g. Open Web Application Security Project Top 10 list)
  • Skills in: Applying confidentiality, integrity, and availability principles
  • Determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes
  • Discerning the protection needs (i.e., security controls) of information systems and networks
  • Recognizing and categorize types of vulnerabilities and associated attacks
  • Interfacing with customers
  • conducting reviews of systems
  • network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools
  • Integrating and applying policies that meet system security objectives
  • Assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, etc)
  • performing impact/risk assessments
  • Information prioritization as it relates to operations
  • Interpreting vulnerability scanner results to identify vulnerabilities
  • Managing client relationships, including determining client needs/requirements, managing client expectations, and demonstrating commitment to delivering quality results
  • Performing target system analysis
  • Preparing and presenting briefings
  • Preparing plans and related correspondence
  • Prioritizing target language material
  • Processing collected data for follow-on analysis
  • Providing analysis to aid writing phased after action reports
  • Reviewing and editing assessment products
  • Reviewing and editing plans
  • Tailoring analysis to the necessary levels (e.g., classification and organizational)
  • Target development in direct support of collection operations
  • Target network anomaly identification (e.g., intrusions, dataflow or processing, target implementation of new technologies)
  • Access information on current assets available, usage
  • Analyze strategic guidance for issues requiring clarification and/or additional guidance
  • Apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)
Ethics HR - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

GRC Engineer

8 matching positions

GRC Engineer

Have you built and owned ISO 27001 compliance from scratch in a high-growth envi...
Location
Location
Australia
Salary
Salary:
Not provided
thisisiceberg.com Logo
Iceberg Cyber Security
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Built and led ISO 27001 compliance programs end-to-end from scratch
  • Ideally also implemented SOC 2 in parallel environments
  • Experience with APAC regulatory requirements including Australian Privacy Principles (APP) and Singapore Personal Data Protection Act (PDPA)
  • A mindset focused on engineering compliance into systems, not maintaining frameworks
  • Strong technical background (cloud, infrastructure, security engineering)
  • Ability to work directly with engineers at a deep technical level
  • Experience building or automating compliance systems (not just maintaining them)
  • Hands-on experience with cloud environments (AWS, GCP, or Azure)
  • Experience embedding compliance into CI/CD or engineering workflows
  • Startup or small team experience
Job Responsibility
Job Responsibility
  • Own and lead ISO 27001 end-to-end, from early-stage build through to audit readiness and certification
  • Design and implement scalable, engineered compliance systems (not manual processes)
  • Automate compliance and control monitoring across cloud environments
  • Translate regulatory requirements into real technical controls embedded in infrastructure and workflows
  • Work hands-on with engineering teams to integrate security into systems and CI/CD pipelines
  • Read and understand code (ideally Python) to build or support automation workflows
  • Support customer and sales teams with technical security discussions and compliance queries
  • Drive broader compliance initiatives (SOC 2 where needed)
What we offer
What we offer
  • Very competitive compensation package including equity with significant upside potential
  • Fulltime
Read More
Arrow Right

Grc Engineer

We’re looking for a GRC Engineer who can turn regulatory requirements and securi...
Location
Location
Sweden , Stockholm
Salary
Salary:
Not provided
lovable.dev Logo
Lovable
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • An engineer who has built compliance controls from the ground up
  • Experience with SOC 2, ISO 27001, GDPR, or similar frameworks
  • Strong architectural understanding and hands-on experience of common cloud infrastructures
  • Ability to automate compliance controls using code, scripts, or infrastructure tooling
  • A collaborative mindset - comfortable working with engineering teams and non-technical stakeholders like legal and marketing alike
Job Responsibility
Job Responsibility
  • Design and implement compliance-by-design systems across our infrastructure that people actually want to use
  • Automate compliance controls and monitoring using modern tooling
  • Work closely with engineering teams to ensure systems meet SOC 2, ISO 27001, GDPR, and emerging AI regulations
  • Partner with sales, product, platform, and legal teams to translate requirements and needs into technical implementations
  • Help shape the architecture around data handling, privacy, and responsible AI
  • Fulltime
Read More
Arrow Right

GRC Engineer

GRC Engineer – AI-Powered Startup. My client is one of the fastest growing and m...
Location
Location
United States
Salary
Salary:
Not provided
thisisiceberg.com Logo
Iceberg Cyber Security
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive AI Automation/ AI Automation tool experience
  • Extensive GRC experience
  • Experience going toe to toe with Engineers
  • Ability to understand/Read code/use Python for Automations
  • Vendor Risk Management experience
  • Start-up/ Small team experience
  • Extensive PCI DSS Experience
Job Responsibility
Job Responsibility
  • Automating compliance processes
  • Own risk & compliance strategy (SOC2, ISO27001, HIPAA)
  • Work hands-on with engineers
  • Read and understand code (ideally Python and other Automation tools) to streamline workflows
  • Engage with clients to ensure risk management best practices
What we offer
What we offer
  • Very competitive compensation package including an equity package that is expected to 10X in the next few years
Read More
Arrow Right

Lead Cybersecurity GRC Engineer

Lead Cybersecurity GRC Engineer role focusing on risk remediation and governance...
Location
Location
United States , New York
Salary
Salary:
225000.00 USD / Year
realign-llc.com Logo
Realign
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • CISSP certification strongly preferred (or equivalent demonstrated experience)
  • Additional certifications such as CISA, CISM are a plus
  • Experience with GRC platforms such as: ServiceNow IRM / GRC, Archer, 6clicks, Other comparable GRC tools
  • Prior exposure to regulated financial services environments (Banking / Insurance)
  • Minimum 8 years of experience in Cybersecurity and GRC, spanning multiple security domains (CISSP domains may be used as a reference framework)
  • Strong hands-on experience in risk remediation, particularly across security design, testing, compliance, BCP/DR, and third-party risk
  • Proven ability to translate policy and regulatory requirements into actionable remediation steps
  • Demonstrated experience in control testing (ToD and ToE)
  • Excellent verbal and written communication skills, with experience engaging senior leaders within banking or insurance organizations
  • Strong analytical and documentation skills with a track record of producing professional, client-ready deliverables
Job Responsibility
Job Responsibility
  • Lead and oversee cybersecurity risk remediation and governance initiatives aligned with enterprise risk and compliance requirements
  • Interpret security policies, standards, and regulatory requirements, and apply them effectively to enterprise assets and environments
  • Identify control gaps, non-compliance issues, and deviations, and drive remediation efforts to closure
  • Perform and guide security control testing, including: Test of Design (ToD), Test of Effectiveness (ToE)
  • Provide remediation guidance across key cybersecurity domains, including but not limited to: Secure architecture and security design, Security testing and validation, Secure coding and code compliance, Business Continuity Planning (BCP) and Disaster Recovery (DR), Third-Party Risk Management (TPRM)
  • Partner with technical, risk, and business stakeholders to gather and validate evidence supporting remediation and compliance activities
  • Prepare and maintain high-quality documentation such as: Policies, procedures, and SOPs, Remediation plans and guidance documents, Risk and compliance reports
  • Present findings, recommendations, and remediation strategies to senior stakeholders and decision-makers
  • Influence outcomes through clear, tactful, and data-driven communication
  • Support compliance and audit activities
  • Fulltime
Read More
Arrow Right

Senior Identity & Access GRC Engineer

Senior Identity & Access Governance Engineer is responsible for the design, impl...
Location
Location
Romania , Bucuresti
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5–8+ years of experience in IAM or Identity Governance
  • Experience in building or transforming IAM capabilities
  • Hands-on experience with enterprise IAM platforms (SailPoint, Saviynt, OneIdentity, Okta, Microsoft Entra ID)
  • Experience with PAM solutions (CyberArk, BeyondTrust)
  • Strong knowledge of: RBAC / ABAC
  • Segregation of Functions (SoD)
  • SAML, OAuth2, OIDC
  • LDAP / Active Directory
  • MFA and conditional access policies
  • Experience in regulated environments (telecom, financial, utilities – preferred)
Job Responsibility
Job Responsibility
  • Define IAM governance framework, standards and control structure
  • Design IAM operational model
  • Translate IAM policies and standards into applicable technical controls
  • Design and maintain enterprise-wide RBAC models aligned with business roles and risk levels
  • Define and enforce Segregation of Functions (SoD) controls
  • Establish Key Risk Indicators (KRIs) and control effectiveness metrics
  • Maintain IAM documentation and record repository
  • Create an IAM maturity roadmap
  • Ensure alignment with Zero Trust principles
  • Design and optimize Joiner Mover Leaver processes
What we offer
What we offer
  • Hybrid working regime 2 days from the office, 3 days remote
  • Special discounts for Vodafone employees, Friends & Family offers
  • Demo telephone subscription - unlimited (voice and data)
  • Voucher for the purchase of a mobile phone
  • Medical subscription to a top private clinic & other medical benefits
  • Insurance for hospitalization and surgical interventions
  • Life insurance
  • Meal tickets
  • Bookster subscription
  • Participation in development programs and challenging projects in the leadership area
  • Fulltime
Read More
Arrow Right

Principal Software Engineer, GRC

At Vanta, our mission is to help businesses earn and prove trust. We believe tha...
Location
Location
United States
Salary
Salary:
285000.00 - 335000.00 USD / Year
vanta.com Logo
Vanta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Have played significant technical leadership roles for bigger orgs and complex projects
  • Have a good balance of customer focus, bias for action, and balancing between right long term, medium term and short term decisions
  • Have experience communicating with and working closely with a large set of cross-functional stakeholders
  • Have upleveled teams of engineers, mentoring and leading by example
  • Be a self starter and have a mix of previous startup experience and working at scale experience, and in an environment that prioritizes a bias for action
  • Have experience building architectural changes whose impact span is multi year, or have experience go very deep in technology and becoming an expert
  • Have an interest in learning about security or prior experience in the space
  • Experience working at rapidly scaling startups and large companies with environments that prioritize a bias for action
  • Open to using AI to amplify their skills and strengthen their work - demonstrating curiosity, a willingness to learn, and sound judgment in applying AI responsibly to improve efficiency and impact
Job Responsibility
Job Responsibility
  • Identify and solve complex, high-impact problems, leading projects with multiple cross functional stakeholders, engineering leaders and engineers to deliver significant impact to our business
  • Set technical direction impacting our entire engineering team, from critical systems and core product abstractions to developer productivity and hold a high bar for quality across engineering
  • Design, develop, and own new product functionality and/or infrastructure leveraging modern frameworks and tooling (TypeScript, React, Node.js)
  • Work on deeply ambiguous problem areas, and will tackle larger more long term challenges for the company
  • Design, develop, and own new product functionality and infrastructure leveraging modern frameworks and tooling (TypeScript, Terraform, Node.js)
  • Make effective tradeoffs that consider business priorities, user experience, and a sustainable technical foundation
  • Act as a cultural beacon, setting an example for effective, collaborative engineering and helping mentor junior team members
What we offer
What we offer
  • Offers Equity
  • Medical benefits
  • 401(k) plan
  • Other company perk programs
  • Comprehensive medical, dental, and vision coverage, with 100% of employee-only benefit premiums covered for most medical plans
  • 16 weeks fully-paid Parental Leave for all new parents
  • Health & wellness stipend
  • Remote workspace, internet, and cellphone stipend
  • Commuter benefits for team members who report to the SF and NYC office
  • Family planning benefits
  • Fulltime
Read More
Arrow Right

Staff Software Engineer, GRC Products

As a Staff Software Engineer at Vanta, you will play a critical role in driving ...
Location
Location
Canada
Salary
Salary:
Not provided
vanta.com Logo
Vanta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Over 10 years of industry experience with deep expertise in one or more technical areas (e.g., frontend, databases, distributed systems, APIs, AI, etc.)
  • Proven ability to lead complex technical initiatives, driving strategic projects and improving organizational processes in fast-paced, dynamic environments
  • Mastery in system design and software architecture, with a strong ability to balance technical considerations and execution constraints
  • Extensive experience building user-facing SaaS products, catering to both startup and enterprise users
  • Expertise in building 0→1 products and solving large-scale challenges, especially in environments that prioritize a bias for action
  • Strong leadership and mentorship experience, consistently up-leveling teams and leading by example
  • Excellent communication skills with the ability to influence and advocate for technical decisions at all levels of the organization
  • Open to using AI to amplify their skills and strengthen their work - demonstrating curiosity, a willingness to learn, and sound judgment in applying AI responsibly to improve efficiency and impact.
Job Responsibility
Job Responsibility
  • Identify, scope, and lead large technical projects, laying the groundwork for building highly performant, reliable, and customizable systems with long-term impact
  • Drive a portfolio of complex initiatives with a duration spanning multiple quarters, ensuring iterative and sustainable impact across product areas
  • Rally cross-functional teams to drive initiatives to completion, even without direct management of team members
  • Make strategic decisions that prioritize long-term success, while influencing Vanta’s technical direction alongside senior engineers and leadership
  • Champion engineering excellence by continuously improving processes, methodologies, and technical practices across the organization
  • Guide teams on tough technical decisions, balancing tradeoffs and resolving conflicts
  • Address product, technical, and operational challenges with clear, impactful solutions
  • Serve as a cultural leader, modeling collaborative behaviors and mentoring engineers to elevate organizational performance.
What we offer
What we offer
  • Industry-competitive salary and equity
  • 100% covered medical, dental, and vision benefits with dependents coverage
  • Pension contribution
  • 16 weeks fully paid Parental Leave for all new parents
  • Health & wellness stipend
  • Remote workspace, internet, and cellphone stipend
  • Flexible work hours and location
  • 21 days of Vacation Time and 80 hours of Sick Leave
  • 11 company-paid holidays
  • Virtual team building activities, lunch and learns, and other company-wide events!
  • Fulltime
Read More
Arrow Right

Senior Fullstack Software Engineer, GRC

At Vanta, our mission is to help businesses earn and prove trust. We believe tha...
Location
Location
United States
Salary
Salary:
175000.00 - 240000.00 USD / Year
vanta.com Logo
Vanta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Have at least 5 years of industry experience
  • Have played technical leadership roles for teams or complex projects
  • Have previous startup experience, or worked in an environment that prioritizes a bias for action
  • Have previous experience working on greenfield projects
  • Have an interest in learning about security or prior experience in the space
Job Responsibility
Job Responsibility
  • Lead complex projects with multiple stakeholders and engineers to deliver significant impact to our business
  • Set direction for critical technical surface areas, enabling us to stay ahead of continued rapid growth
  • Design, develop, and own new product functionality and/or infrastructure leveraging modern frameworks and tooling (TypeScript, React, Node.js)
  • Work with talented and kind engineers to make a significant impact on our customer base, enabling them to improve their security and prove it
  • Contribute to building Vanta’s engineering culture as we grow
What we offer
What we offer
  • Offers Equity
  • medical benefits
  • 401(k) plan
  • other company perk programs
  • Comprehensive medical, dental, and vision coverage, with 100% of employee-only benefit premiums covered for most medical plans
  • 16 weeks fully-paid Parental Leave for all new parents
  • Health & wellness stipend
  • Remote workspace, internet, and cellphone stipend
  • Commuter benefits for team members who report to the SF and NYC office
  • Family planning benefits
  • Fulltime
Read More
Arrow Right