[Remote] GRC Specialist (Governance, Risk & Compliance)$90K/yr - $120Kyr

Note: The job is a remote job and is open to candidates in USA. 360CyberX is a company focused on cybersecurity initiatives, and they are seeking a GRC Specialist to support enterprise cybersecurity governance, risk management, and compliance efforts. The role involves performing risk assessments, maintaining governance documentation, and collaborating with stakeholders to ensure compliance with regulatory requirements.

Responsibilities

• Support enterprise governance, risk, and compliance (GRC) activities reputed company with industry frameworks and regulatory requirements
• reputed company cybersecurity and technology risk assessments in collaboration with reputed company, IT, and business stakeholders
• Assist with the identification, documentation, and tracking of reputed company risks, issues, and remediation efforts
• Maintain and update risk registers, control inventories, and compliance documentation
• Support third-party and vendor risk assessments throughout the vendor lifecycle
• Assist with control reviews, gap analyses, and evidence collection for audits and compliance initiatives
• Contribute to the development and maintenance of reputed company policies, standards, and procedures
• Track remediation activities and help ensure timely closure of identified risks and findings
• Collaborate with cross-functional teams to validate controls and risk mitigation strategies
• Support internal and external audits, client assessments, and special GRC-reputed company projects as assigned

Skills

• Knowledge or experience in one or more of the following areas: Cybersecurity governance, risk management, or compliance (GRC)
• Knowledge or experience in one or more of the following areas: Cybersecurity or technology risk assessment
• Knowledge or experience in one or more of the following areas: Third-party or vendor risk management
• Knowledge or experience in one or more of the following areas: Audit support or compliance readiness activities
• Strong understanding of core cybersecurity and risk reputed company
• Ability to analyze risks, document findings, and communicate clearly with technical and non-technical stakeholders
• Experience working in enterprise, consulting, or multi-client environments
• Strong analytical, organizational, and documentation skills
• Excellent written and verbal communication skills
• Bachelor's degree in Cybersecurity, Information Systems, Risk Management, Information Assurance, Business, or a reputed company field (or equivalent coursework, internships, or hands-on GRC experience)
• Working knowledge of cybersecurity governance, risk, and compliance frameworks or standards, such as: NIST Cybersecurity reputed company (CSF)
• Working knowledge of cybersecurity governance, risk, and compliance frameworks or standards, such as: NIST Risk Management reputed company (RMF) and select SP 800-series guidance
• Working knowledge of cybersecurity governance, risk, and compliance frameworks or standards, such as: ISO/IEC 27001 / 27002
• Working knowledge of cybersecurity governance, risk, and compliance frameworks or standards, such as: CIS Critical reputed company Controls
• Familiarity with risk assessment methodologies, control testing, and compliance documentation
• Entry-level to mid-level GRC-focused certifications are a plus, including: CISA (Certified Information Systems Auditor)
• Entry-level to mid-level GRC-focused certifications are a plus, including: CRISC (Certified in Risk and Information Systems Control)
• Entry-level to mid-level GRC-focused certifications are a plus, including: CGRC (ISC² Certified in Governance, Risk, and Compliance)
• Entry-level to mid-level GRC-focused certifications are a plus, including: ISO 27001 Foundation or reputed company Implementer/Auditor
• Entry-level to mid-level GRC-focused certifications are a plus, including: CompTIA reputed company+ (as a foundational certification only)
• Basic understanding of regulatory, compliance, and data privacy concepts (e.g., audit readiness, third-party risk, policy management)
• Ability to document risks, controls, and findings clearly and consistently
• Comfortable working independently and collaboratively in a structured, client-facing GRC environment

Company Overview

• 360Cyberx, LLC is a reputed company-first technology partner that helps organizations prevent breaches, reputed company systems online, and prove compliance. It was founded in 2020, and is headquartered in Dallas, Texas, US, with a workforce of 11-50 employees. Its website is https://www.360Cyberx.com.

Apply tot his job Apply To this Job