1

Cybersecurity Grc Jobs (NOW HIRING)

What does a Cybersecurity GRC Engineer do at Swire Coca - Cola? Swire Coca-Cola is seeking a Cybersecurity GRC Engineer to support the execution and continuous improvement of our governance, risk ...

What does a Cybersecurity GRC Engineer do at Swire Coca - Cola? Swire Coca-Cola is seeking a Cybersecurity GRC Engineer to support the execution and continuous improvement of our governance, risk ...

What does a Cybersecurity GRC Engineer do at Swire Coca - Cola? Swire Coca-Cola is seeking a Cybersecurity GRC Engineer to support the execution and continuous improvement of our governance, risk ...

next page

Showing results 1-20

Cybersecurity Grc information

See salary details

$38.5K

$58.2K

$87K

How much do cybersecurity grc jobs pay per year?

As of Jul 6, 2026, the average yearly pay for cybersecurity grc in the United States is $58,171.00, according to ZipRecruiter salary data. Most workers in this role earn between $48,000.00 and $64,500.00 per year, depending on experience, location, and employer.

What are some common challenges faced by professionals in Cybersecurity GRC roles, and how can they be addressed?

Professionals in Cybersecurity GRC (Governance, Risk, and Compliance) often encounter challenges such as keeping up with evolving regulatory requirements, balancing business objectives with security mandates, and fostering collaboration between IT, legal, and business teams. These challenges can be addressed by staying current with industry standards, utilizing automated tools for compliance tracking, and building strong communication channels across departments. Proactively engaging stakeholders and fostering a culture of security awareness also play a crucial role in overcoming these obstacles and ensuring effective risk management.

What is Cybersecurity GRC?

Cybersecurity GRC stands for Governance, Risk, and Compliance in the context of cybersecurity. It involves establishing frameworks and processes to ensure an organization's information security aligns with business objectives, regulatory requirements, and risk management strategies. Professionals in this field help identify and manage security risks, create policies and controls, and ensure compliance with laws and standards such as GDPR, HIPAA, or ISO 27001. The goal of Cybersecurity GRC is to protect the organization’s digital assets while enabling responsible growth and innovation.

What are the key skills and qualifications needed to thrive as a Cybersecurity GRC (Governance, Risk, and Compliance) professional, and why are they important?

To thrive as a Cybersecurity GRC professional, you need a solid understanding of cybersecurity frameworks, risk management principles, and regulatory compliance, often supported by a degree in information security or a related field. Familiarity with tools like GRC platforms (e.g., RSA Archer, ServiceNow), as well as certifications such as CISSP, CISM, or CRISC, is typically required. Strong analytical skills, attention to detail, and effective communication are crucial soft skills for collaborating with stakeholders and translating technical risks into business implications. These competencies ensure organizations can proactively manage cyber risks, meet regulatory requirements, and maintain trust with clients and partners.

Is GRC in high demand?

Cybersecurity GRC (Governance, Risk, and Compliance) professionals are in high demand due to increasing cybersecurity regulations and the need for organizations to manage risks effectively. Employers seek candidates with knowledge of compliance frameworks, risk management, and security policies, often requiring certifications like CISA or CISSP. The role offers strong job growth prospects across various industries as cybersecurity threats continue to evolve.

What is the difference between Cybersecurity Grc vs Cybersecurity Analyst?

AspectCybersecurity GrcCybersecurity Analyst
CertificationsISO 27001, CISSP, CISACompTIA Security+, CEH, CISSP
Work EnvironmentPolicy development, risk management, complianceThreat detection, incident response, vulnerability assessment
Employer & Industry UsageOrganizations focusing on governance and complianceSecurity operations centers, IT departments

Cybersecurity Grc professionals focus on establishing policies, managing risks, and ensuring compliance with regulations. In contrast, Cybersecurity Analysts primarily monitor security systems, analyze threats, and respond to incidents. While both roles require similar certifications and work within the cybersecurity field, Grc roles are more strategic and policy-oriented, whereas Analysts are more technical and operational.

Can you make $200,000 in cyber security?

Cybersecurity GRC (Governance, Risk, and Compliance) professionals can potentially earn $200,000 or more annually, especially with extensive experience, advanced certifications like CISSP or CISA, and leadership roles such as security managers or directors. Salary levels vary based on industry, location, and company size, with senior positions often reaching or exceeding this threshold.

What is the role of GRC in cybersecurity?

In cybersecurity, GRC (Governance, Risk Management, and Compliance) professionals develop and implement policies to ensure organizations meet security standards, manage risks, and comply with regulations. They use frameworks like ISO 27001 and tools such as risk assessments and audits to protect information assets and support security strategies.

How much do cyber GRC specialists make?

Cybersecurity GRC (Governance, Risk, and Compliance) specialists typically earn between $70,000 and $130,000 annually, depending on experience, certifications, and location. Senior roles or those with advanced certifications like CISSP or CISA can earn higher salaries, especially in larger organizations or high-demand markets.
More about Cybersecurity Grc jobs
What cities are hiring for Cybersecurity Grc jobs? Cities with the most Cybersecurity Grc job openings:
What are the most commonly searched types of Cybersecurity Grc jobs? The most popular types of Cybersecurity Grc jobs are:
What states have the most Cybersecurity Grc jobs? States with the most job openings for Cybersecurity Grc jobs include:
Infographic showing various Cybersecurity Grc job openings in the United States as of July 2026, with employment types broken down into 92% Full Time, 5% Part Time, and 3% Contract. Highlights an 79% Physical, 5% Hybrid, and 16% Remote job distribution, with an average salary of $58,171 per year, or $28 per hour.

Cybersecurity GRC Engineer

swirecc

Draper, UT

Other

Posted 24 days ago


Job description

What does a Cybersecurity GRC Engineer do at Swire Coca - Cola?
Swire Coca-Cola is seeking a Cybersecurity GRC Engineer to support the execution and continuous improvement of our governance, risk, and compliance (GRC) program. This role works under the direction of the GRC Manager and is responsible for performing day-to-day risk, compliance, and audit activities that ensure our cybersecurity program remains aligned with regulatory, contractual, and business requirements. The GRC Engineer plays a critical role in operationalizing cybersecurity governance by conducting risk assessments, supporting audits, maintaining control frameworks, and partnering across IT and business teams to track and remediate findings. This role requires a detail-oriented and analytical individual who can translate technical controls and risks into clear documentation and actionable insights.
Responsibilities

  • Perform cybersecurity risk assessments for systems, applications, and business processes
  • Support third-party/vendor risk assessments and due diligence reviews
  • Identify control gaps, document risks, and assist in developing remediation plans
  • Maintain and update the enterprise risk register, including risk scoring and tracking
  • Partner with control owners to validate mitigation efforts and risk status
  • Support internal and external audits by coordinating evidence collection and responses
  • Track audit findings, remediation activities, and validate closure
  • Assist with security questionnaires, RFP responses, and due diligence requests
  • Help ensure compliance with regulatory and contractual requirements
  • Maintain and update cybersecurity policies, standards, and procedures
  • Support mapping of controls to frameworks such as NIST CSF, ISO 27001, and CIS
  • Assist in the development and maintenance of a unified control framework
  • Support control testing activities and documentation of effectiveness
  • Develop and maintain GRC metrics, dashboards, and reporting artifacts
  • Track key risk indicators (KRIs), audit trends, and remediation progress
  • Prepare reports and summaries for leadership and stakeholders
  • Maintain organized documentation and evidence repositories
  • Partner with cross-functional teams to drive risk awareness and remediation efforts
  • Support process improvements to enhance GRC efficiency and scalability
  • Assist in implementing and optimizing GRC tools and automation
  • Stay current on cybersecurity risks and compliance requirements
  • Performs other duties as assigned.


Requirements

  • Bachelor’s Degree in Cybersecurity, Information Technology, Risk Management, or related field required
  • Relevant certifications such as Security+, CISA, CRISC, or similar preferred
  • 3+ years of experience in cybersecurity, risk, compliance, or audit roles required
  • Experience supporting audits, risk assessments, and compliance activities required
  • Experience collaborating across IT and business teams required
  • Working knowledge of NIST CSF, ISO 27001, and CIS frameworks
  • Strong analytical, documentation, and organizational skills
  • Ability to communicate technical concepts to non-technical stakeholders
  • Familiarity with GRC tools such as ServiceNow GRC, Archer, Drata, Vanta, or similar preferred