Governance, Risk, and Compliance Engineer

Overview

Guidehouse’s Cybersecurity practice helps organizations modernize governance, risk, and compliance (GRC) capabilities to improve transparency, decision‑making, and resilience in complex regulatory environments.

• Architect and lead enterprise GRC modernization programs, providing technical leadership across strategy, platform design, integration, and implementation.
• Design scalable GRC platform architectures that support automated control management, continuous monitoring, compliance reporting, and enterprise risk aggregation.
• Define and implement automated control evidence ingestion pipelines, integrating data from security, IT, cloud, and operational systems into centralized GRC platforms.
• Establish enterprise data integration standards for governance and risk data, including data models, interfaces, normalization rules, and quality controls.
• Lead initiatives that enhance compliance transparency, enable near‑real‑time insight into control effectiveness, and reduce manual assessment and reporting burdens.
• Translate regulatory, policy, and control requirements into implementable technical designs aligned to enterprise architectures.
• Oversee mapping and operationalization of security controls and requirements aligned to standards and frameworks such as NIST SP 800‑53, NIST SP 800‑37, FISMA, ISO 27001, and organizational policies.
• Provide technical direction for risk aggregation and reporting, ensuring executives can understand cumulative risk, trends, and remediation priorities across business units and systems.
• Implement quality assurance, performance measurement, and risk management processes for GRC engineering and automation initiatives.
• Review and approve architectural designs, integration patterns, and technical deliverables to ensure scalability, security, and maintainability.
• Collaborate with cybersecurity engineering, cloud, data, and audit stakeholders to ensure cohesive enterprise implementation.
• Mentor and develop engineers, consultants, and managers; set technical standards and reinforce delivery excellence.
• Support business development activities, including proposal development, solution shaping, and technical reviews, as a GRC subject matter expert.

• Medical, Rx, Dental & Vision Insurance
• Personal and Family Sick Time & Company Paid Holidays
• Position may be eligible for a discretionary variable incentive bonus
• Parental Leave and Adoption Assistance
• 401(k) Retirement Plan
• Basic Life & Supplemental Life
• Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts
• Short-Term & Long-Term Disability
• Student Loan Pay Down
• Tuition Reimbursement, Personal Development & Learning Opportunities
• Skills Development & Certifications
• Employee Referral Program
• Corporate Sponsored Events & Community Outreach
• Emergency Back-Up Childcare Program
• Mobility Stipend