The role
As a Lead Cyber GRC Engineer, you will be responsible for leading a team that supports the design, implementation, and ongoing management of our GRC platform and our automated assurance framework.
You will work closely with internal teams to ensure that the company adheres to industry standards, regulatory requirements and best practices related to cyber risk management and compliance.
Your expertise will be key in integrating and maintaining cutting-edge tools that ensure our controls are automatically and continuously monitored.
This role offers a unique opportunity to work closely with diverse teams, continuously optimising our systems to support our Governance, Risk, and Compliance (GRC) objectives.
What You'll Be Doing
Lead a team of GRC Engineers to develop and integrate advanced tooling and technologies to ensure that security controls are effectively automated and continuously monitored.
Ensure seamless implementation and configuration of toolsets with relevant internal systems and applications.
Be the source of automation and engineering-led thinking for security control assessment, evidence collection, and summary reporting.
Integrate the automated assurance platform with relevant workflow tools such as Jira and Slack.
Maintain and optimize the automated assurance toolset to ensure it operates efficiently and effectively.
Manage regular updates and integrate new features as they become available.
Implement automated solutions to mitigate potential threats and vulnerabilities.
Continuously strive to identify opportunities for controls uplift and automation across both Cyber controls and the wider Technology infrastructure.
Maintain high standards of security and risk management in line with relevant standards (NIST CSF, ISO 27001) by leveraging automation.
Work with IT, security, risk and compliance, internal controls and audit teams to ensure the tool meets their needs.
Train relevant staff on the use and benefits of the automated assurance tool.
Monitor the effectiveness of automated controls, driving continuous improvements to maintain robust security and compliance.
Create and maintain comprehensive documentation for the tool's configuration, usage, and maintenance.
Generate regular reports on the tool's effectiveness and the organization's compliance status.
Utilise the tool to identify, assess, and mitigate cybersecurity risks.
Generate automated risk reports and dashboards for management review.
What You'll Bring
Excellent problem-solving skills and the ability to analyse complex challenges.
Strong interpersonal and relationship-building skills.
Focused on developing knowledge and skills.
Self-motivated with a 'get-out-there' attitude focused on continuous improvement.
Strong focus on prioritisation and understanding trade-offs.
Willing to challenge the status quo.
Enjoys and is comfortable in both individual and team environments.
Excels in fast-moving and dynamic environments.
Experience in leading a team of GRC engineers, developers or engineers.
Experience in integrating security tooling.
Expertise in implementing automated assurance tools is desirable although not essential.
Proven track record of managing and mentoring teams, driving high performance, and fostering a culture of security and compliance.
Knowledge of industry standards such as NIST CSF, ISO 27001, or PCI-DSS is highly desirable.
Proven experience in Cyber controls assurance (e.g. advisory, internal or external audit roles) is desirable although not essential.
Proficiency in scripting languages (e.g., Python, PowerShell) to automate processes and tasks.
Ability to manage projects, including planning, execution, and monitoring.
Experience in working with technologies such as AWS, ServiceNow, Jira, Okta, CrowdStrike, etc. is desirable.
Additional technical knowledge in AWS such as writing Lambda functions, creating AWS SCPs and CloudFormation templates as well as working with services such as Config and SecurityHub would also be advantageous.
Familiarity with GRC tools is an advantage.
Experience in performing proof of value (POV) exercises of Cyber security tooling is an advantage.
This is what you should have.
What do we have, you ask?
Well... you can check our amazing perks & benefits right here!
So ... are you in?
Equal opportunities
At Blip, we are committed to creating a diverse and inclusive workplace.
We strongly encourage people from all backgrounds, ways of thinking, and working to apply.
We are committed to including everyone regardless of their race, disability, age, gender identity, sexual orientation, and religion.
Everyone brings different perspectives and experiences; you don't have to meet all the requirements listed to apply for this role.
If you need any adjustments to apply for the position and to ensure this role aligns with your needs, please send an email to ******.
We will only respond to inquiries related to disabilities.