44 grc engineer jobs at 24 companies in Frederick, MD
1mo
Save
Mark Applied
Hide
1mo
Governance, Risk, and Compliance Engineer
McLean or Tysons Corner
OnsiteFull Time
Guidehouse: Provides management and technology consulting services to diverse organizations.
9+ YOESenior GRC engineer with 9+ years in cybersecurity governance, risk, and compliance; active DoD Public Trust preferred; CISSP and CGRC certifications; experience with GRC platforms.
Arlington or California or Colorado or Hawaii or Illinois or Maryland or Massachusetts or Minnesota or New Jersey or New York or Washington or Vermont or District of Columbia or Cleveland
$91k-$185k/yrRemoteFull Time
Accenture Federal ServicesNYSE: ACN: Provides technology and consulting services to US federal agencies.
5+ YOEU.S. citizen with 5+ years in IT or information security engineering/architecture; strong cloud, application, and network security knowledge; familiarity with NIST CSF, MITRE ATT&CK, OWASP, and secure web protocols; EM/architecture experience and relevant certifications preferred.
NIST CSF, MITRE ATT&CK, NIST SP 800-171, NIST SP 800-53, RMF, ISO 27001, SOX, Azure Active Directory, Azure IaaS, Azure PaaS, Office 365, HTTP, HTTPS, TLS, SFTP, OWASP Top 10, Agile, DevOps, AI
8+ YOEBachelor’s degree or equivalent experience; 8+ years software development; 5+ years ML/AI experience; 5+ years ML design/infrastructure; 5+ years software design/architecture; 5+ years testing and launching software.
ManTech: Provides technology solutions for defense and intelligence agencies.
7+ YOEHigh School/GED with 7+ years IT/security or technical deployment experience; strong Python and JavaScript coding skills; experience deploying LLM-powered systems, documentation, and security controls; active TS/SCI required (polygraphable).
COMPLIANCE DATA ARCHITECT / GRC RECONILIATION ENGINEER
Arlington or Alexandria
$145k-$180k/yrHybridFull Time
Zermount: Provider of cybersecurity and IT solutions to government agencies.
15+ YOE15+ years in database/data architecture across cloud and on-prem, strong data modeling, ETL and reconciliation, hands-on NIST SP 800-53 and POA&M/ATO experience, T-SQL and PowerShell skills, attention to detail.
LTS: An enterprise consulting and IT modernization firm delivering healthcare IT solutions for federal agencies and public organizations.
5+ YOEBachelor's degree, ability to obtain Public Trust, 5+ years cybersecurity engineering experience in federal or regulated/cloud environments, AWS security, RMF/ATO, eMASS/ServiceNow GRC, NIST/FedRAMP/DISA STIGs, and DevSecOps/CI/CD familiarity.
Diligent: Provides software for corporate governance, risk, and compliance management.
1+ YOE1+ years in audit, risk, compliance, IT risk or GRC; SaaS demo and sandbox experience; strong presentation, communication, and solution-design skills; familiarity with regulatory frameworks (COSO, SOX, ISO 27001, NIST, CMMC).
Diligent One Platform, COSO ERM, COSO Internal Control, SOX, IIA Standards, ISO 27001, NIST, CMMC
Booz Allen HamiltonNYSE: BAH: Provides technology and management consulting services to diverse organizations.
5+ YOE5+ years in information assurance or cybersecurity; ISSO or GRC experience; DoD/NIST/RMF compliance; eMASS, POA&M, STIG/ACAS familiarity; Secret clearance; Bachelor’s degree; cybersecurity certification.
Los Angeles or Seattle or Portland or Denver or Chicago or Austin or Dallas or New Orleans or St. Louis or Baltimore or Boston or Miami or Philadelphia or Pittsburgh or Washington or California or Maryland or Massachusetts or Illinois or Oregon or Washington or Colorado or Texas or Florida or Pennsylvania or Louisiana or Missouri or District of Columbia
$100k-$130k/yrRemoteFull Time
UpGuard: Security platform for managing cyber risk and vendor compliance.
3+ YOE3+ years in a customer-facing post-sales technical role; strong sales acumen; deep knowledge of cybersecurity/GRC ecosystem; REST API experience; excellent communication and problem-solving skills.
WorkdayNASDAQ: WDAY: Provides cloud-based software for financial and human capital management.
9+ YOE9+ years in building GRC platforms; proficient in Python/Go/Java; strong SDLC governance; architecture, data models, API design; leads technical roadmaps; experience automating risk data.
Python, Go, Java, Git, APIs, ETL, Data Modeling, NIST, FAIR
Dexian Government Solutions: Provides diversified IT and engineering solutions to government agencies.
10+ YOE10+ years related experience with 2+ years recent experience in A&A, FISMA, IC cybersecurity policy, continuous monitoring, secure cloud/hybrid engineering; experience with NIST 800 series and CNSSI 1253; CISM + CAP or GRC required; TS/SCI with CI Polygraph required.
RMF, A&A, NIST 800 series, CNSSI 1253, POA&M, JWICS, FISMA, JCIP, DoD 8140, DoD 8570, ConMon, ATO, ATC
Zermount: Provides cybersecurity and IT consulting services to government agencies.
5+ YOEActive Secret clearance, 5+ years US government cybersecurity experience, 4+ years RMF/ISSO/GRC technical validation, hands-on across cloud/network/systems/databases, required security certification (e.g., CISSP/CISM/CISA/CAP/CCISO/CGRC).
Tenable, Qualys, CrowdStrike, Splunk, Microsoft Sentinel, IBM QRadar, Ansible, Terraform, Puppet, Archer, ServiceNow, NIST RMF, FISMA, EO 14028, FIPS 199, TIC 3.0, NIST 800-207
ECSNYSE: ASGN: Provides advanced technology and engineering services to government agencies.
10+ YOETop Secret with SCI eligibility; 10+ years security engineering; certifications CISSP/CISSP-ISSEP/Cissp-ISSAP/CISSP-CSSLP or CASP CE; TS with SCI eligibility.
Cleared On Site Information Systems Security Engineer (ISSE) (5362)
Washington or Hollywood
$105k-$177k/yrOnsiteFull Time
SMX: Providing cloud, cybersecurity, and mission-focused technology solutions to government.
5+ YOEActive TS/SCI clearance, 5+ years cybersecurity experience, RMF and NIST-based compliance, SSP/POA&M/ATO experience, vulnerability assessment and remediation, strong written and verbal communication.
Senior Security Compliance Automation Engineer - Federal (Reston, VA, US, 20191)
Reston, Virginia, United States
$131k-$272k/yrHybridFull Time
SAPFrankfurt Stock Exchange: SAP: Sells enterprise resource planning and business management software solutions.
5+ YOE5+ years experience in security compliance, controls or automation; FedRAMP/FISMA/NIST knowledge; hands-on automation with Python, PowerShell, SQL and APIs; dashboard and data pipeline experience; strong documentation and communication skills.
FutureFeed: Automated GRC platform for defense industry cybersecurity compliance.
Lead development and engineering; build product ecosystem; AI integration; experience in cyber/compliance/GRC; growth-stage agile environment; strong AI product experience.