Back to Job Search

GRC Senior Engineer Consultant

Executive recruitment company Monroe Consulting Group Philippines is recruiting for a prominent technology and consulting firm, renowned as a technological partner for core business processes globally.

Job Summary

Monroe Consulting Group Philippines is recruiting on behalf of a prominent technology and consulting firm, recognized as a trusted technological partner for core business processes globally.

The GRC Senior Engineer Consultant will be responsible for integrating, managing, and configuring GRC platforms to ensure compliance with industry standards and regulatory requirements. Additionally, the consultant will play a key role in mentoring and training team members on GRC tools and processes.

Key Responsibilities:

  • Oversee the integration and management of GRC platforms.
  • Ensure seamless integration with data sources such as risk registers, policy repositories, vulnerability scanners, incident management systems, and compliance frameworks.
  • Normalize and map data from various sources to maintain accuracy and consistency.
  • Configure risk taxonomy based on the organization's risk management framework.
  • Implement and support risk assessment methodologies (e.g., quantitative and qualitative).
  • Integrate compliance frameworks such as NIST, ISO, PCI DSS into the GRC platform.
  • Collaborate with the Cybersecurity Team and potentially lead a small team.
  • Provide training and mentorship to junior and mid-level cybersecurity professionals.
  • Work closely with other departments including IT, Legal, and Operations to ensure alignment on security, risk, and compliance matters.


Qualifications & Requirements:

  • At least 8 years of experience in Governance, Risk, and Compliance (GRC).
  • Strong expertise in GRC platform integration and management.
  • Experience integrating GRC tools with enterprise data sources.
  • Proficiency in compliance frameworks such as NIST, ISO, PCI DSS.
  • Excellent communication skills, as the role requires frequent client interaction.
  • Leadership experience is preferred but not required; candidates should have the potential to lead a small team.
  • Cybersecurity-related certifications are required (e.g., CISSP, CISM, CRISC, or equivalent).
  • Industry experience in Energy and Utility is preferred but negotiable.