This job might no longer be available.

Governance, Risk, Compliance Engineer (GRC Engineer)

Overview

ZeniMax Media is looking for a motivated IT professional to join our corporate security team in Rockville, MD. This position will be a key member of the Information Technology Security team on matters of Governance, Risk, and Compliance. The GRC Engineer role will work with ZeniMax IT and other internal teams to help guide policy, assess risk, and provide security guidance.

Responsibilities

• Identify points of risk within existing processes and procedures and make actionable recommendations to reduce identified risk.
• Assist in creating and maintaining technical documentation, including policies, procedures, and standards.
• Provide support to teams across the org and advise on security best practices.
• Evaluate software/hardware products and services for data security controls.
• Communicate (written and verbal) security initiatives to both technical and non-technical personnel.
• Assist in the creation of security awareness materials and exercises.
• Coordinate remediation tasks for discovered vulnerabilities.
• Act as a security advisor on governance, risk, and compliance.

Qualifications

• 2+ years information security or governance experience.
• Knowledge of threat and vulnerability vectors impacting applications, hosts, and networks.
• Proven ability to communicate with varied company stakeholders.
• Excellent verbal and written communication skills.
• Knowledge of risk management and familiarity with risk assessments.

Preferred Skills

• Experience with governance or compliance standards such as GDPR and CCPA.
• Previous game industry experience.
• Certifications in one or more of the following: CIPP, CIPT, GSEC, CCSP, CISSP, CISA, or Security+.
• Experience working with regulatory frameworks such as NIST 800-53 or ISO 27001.

Applicant Privacy Notice

CCPA Applicant Privacy Notice