1

Grc Engineer Jobs (NOW HIRING)

We are hiring a GRC Engineer to help modernize how Governance, Risk, and Compliance (GRC) operates across the organization. This role is focused on reducing compliance burden, improving scalability ...

We are hiring a GRC Engineer to help modernize how Governance, Risk, and Compliance (GRC) operates across the organization. This role is focused on reducing compliance burden, improving scalability ...

What does a Cybersecurity GRC Engineer do at Swire Coca - Cola? Swire Coca-Cola is seeking a Cybersecurity GRC Engineer to support the execution and continuous improvement of our governance, risk ...

What does a Cybersecurity GRC Engineer do at Swire Coca - Cola? Swire Coca-Cola is seeking a Cybersecurity GRC Engineer to support the execution and continuous improvement of our governance, risk ...

We are hiring a GRC Engineer to help modernize how Governance, Risk, and Compliance (GRC) operates across the organization. This role is focused on reducing compliance burden, improving scalability ...

About the Role The GRC Engineer is responsible for transforming Charlie Health's compliance, risk and control programs into automated, measurable and continuously monitored systems. This is a hands ...

Apply Early

What does a Cybersecurity GRC Engineer do at Swire Coca - Cola? Swire Coca-Cola is seeking a Cybersecurity GRC Engineer to support the execution and continuous improvement of our governance, risk ...

GRC Engineer

Palo Alto, CA · On-site

$130K - $170K/yr

GRC Engineer Why Zania Every enterprise spends millions of dollars on Governance, Risk, and Compliance (GRC). It's one of the most critical, yet universally painful, parts of running a business. For ...

Senior AI GRC Engineer

$227K - $267K/yr

As a Senior AI GRC Engineer at Vanta, you'll own and lead governance, risk, and compliance initiatives related to Vanta's internal AI adoption and customer-facing AI products. You'll apply deep ...

GRC Engineer

Foster City, CA · On-site

$210K - $320K/yr

We are looking for a GRC Engineer to serve as a key technical contributor for our compliance and risk management ecosystem. You will architect the systems and processes that automate trust ...

Senior GRC Engineer

Dallas, TX · On-site +1

$103K - $142K/yr

Lantern is seeking a Senior GRC Engineer to join our team as a key individual contributor. This role is built specifically for someone who builds compliance infrastructure, not just manages it. You ...

next page

Showing results 1-20

Grc Engineer information

See salary details

$59.5K

$111.6K

$203K

How much do grc engineer jobs pay per year?

As of Jul 7, 2026, the average yearly pay for grc engineer in the United States is $111,632.00, according to ZipRecruiter salary data. Most workers in this role earn between $80,500.00 and $132,500.00 per year, depending on experience, location, and employer.

What are GRC Engineers?

GRC Engineers are professionals who specialize in Governance, Risk, and Compliance (GRC) within an organization’s information security and IT frameworks. They help ensure that a company’s policies and procedures meet regulatory requirements, manage risks, and align with business objectives. GRC Engineers often implement and maintain tools, conduct risk assessments, and ensure compliance through audits and reporting. Their role is critical in minimizing risks and protecting organizational assets from security threats.

Is GRC still in demand?

GRC (Governance, Risk, and Compliance) engineers are in high demand due to increasing cybersecurity regulations and the need for organizations to manage risks effectively. Skills in risk assessment, compliance frameworks, and security tools like GRC software are valuable in this field, which is expected to grow as organizations prioritize security and regulatory adherence.

What engineers make $200,000 a year?

Senior GRC (Governance, Risk, and Compliance) engineers with extensive experience, specialized skills in cybersecurity frameworks, and relevant certifications such as CISSP or CISA can earn $200,000 or more annually. Compensation varies based on industry, location, and company size, with roles often requiring expertise in risk management, compliance standards, and security tools.

What are the key skills and qualifications needed to thrive as a GRC Engineer, and why are they important?

To thrive as a GRC Engineer, you need a solid understanding of governance, risk management, and compliance frameworks, often supported by a degree in information security or a related field. Familiarity with GRC platforms (such as RSA Archer or ServiceNow GRC), risk assessment tools, and certifications like CISA or CISSP are highly valued. Strong analytical skills, attention to detail, and effective communication are crucial soft skills for collaborating across departments and translating complex requirements. These competencies ensure that organizations can effectively manage risk, maintain regulatory compliance, and safeguard critical information assets.

What engineers make $500,000?

Senior engineers in specialized fields such as software engineering, data engineering, or cybersecurity can earn $500,000 or more annually, especially with extensive experience, advanced skills, and in high-demand industries. Executive or leadership roles like engineering managers or directors may also reach this compensation level. Achieving this often requires advanced certifications, a strong track record, and working in competitive or high-paying markets.

What are some common challenges faced by GRC Engineers when implementing new compliance frameworks?

GRC Engineers often encounter challenges such as integrating new compliance requirements with existing IT systems, ensuring consistent documentation, and keeping up with evolving regulatory standards. Collaboration with various departments—like IT, legal, and operations—is essential to map processes accurately and address potential gaps. Proactive communication and a strong understanding of both technical and regulatory aspects help GRC Engineers overcome these hurdles and support organizational compliance effectively.

What is the difference between Grc Engineer vs Security Analyst?

AspectGrc EngineerSecurity Analyst
CertificationsISO 27001, CISSP, CISACISSP, CompTIA Security+
Work EnvironmentPolicy development, compliance, risk managementMonitoring, incident response, threat analysis
Industry UsageCorporate governance, compliance teamsSecurity operations centers, IT departments

Grc Engineers focus on establishing and maintaining governance, risk, and compliance frameworks, ensuring organizations meet regulatory standards. Security Analysts primarily monitor security systems, analyze threats, and respond to incidents. While both roles require security certifications and work within the cybersecurity industry, Grc Engineers emphasize policy and compliance, whereas Security Analysts focus on threat detection and response.

How much does a GRC engineer make?

A GRC (Governance, Risk, and Compliance) engineer's salary typically ranges from $80,000 to $130,000 annually, depending on experience, certifications, and location. Senior roles or those with specialized skills in security tools and frameworks can earn higher salaries.
More about Grc Engineer jobs
What cities are hiring for Grc Engineer jobs? Cities with the most Grc Engineer job openings:
What states have the most Grc Engineer jobs? States with the most job openings for Grc Engineer jobs include:
What job categories do people searching Grc Engineer jobs look for? The top searched job categories for Grc Engineer jobs are:
Infographic showing various Grc Engineer job openings in the United States as of July 2026, with employment types broken down into 95% Full Time, 2% Part Time, and 3% Contract. Highlights an 87% Physical, 4% Hybrid, and 9% Remote job distribution, with an average salary of $111,632 per year, or $53.7 per hour.
GRC Engineer

GRC Engineer

Nintendo

Redmond, WA • On-site

Full-time

Medical, Dental, Vision, Retirement, PTO

Posted 16 days ago


Nintendo rating

8.2

Company rating: 8.2 out of 10

Based on 8 frontline employees who took The Breakroom Quiz

83rd of 202 rated software companies


Job description

About Nintendo of America: From the launch of the Nintendo Entertainment System™ more than 30 years ago, Nintendo's mission has been to create smiles through unique entertainment experiences. Here at Nintendo of America Inc., we deliver on this mission by partnering closely with Nintendo Co., Ltd., to bring Nintendo's iconic and cherished franchises including Mario™, Donkey Kong™, The Legend of Zelda™, Metroid™, Animal Crossing™, Pikmin™ and Splatoon™ across the Americas through our video games, hardware systems, and collaborations with partners on a range of other entertainment initiatives like feature films and theme parks.
Based in Redmond, Wash., Nintendo of America serves as headquarters for Nintendo's operations in the Americas. We are an equal opportunity employer offering a welcoming and inclusive environment in service to one another, our products, and the diverse consumers and communities we call home. For more information about Nintendo, please visit the company's website at https://www.nintendo.com/.
Job Summary: This role is within Nintendo of America (NOA)'s IT Security department. We are hiring a GRC Engineer to help modernize how Governance, Risk, and Compliance (GRC) operates across the organization. This role is focused on reducing compliance burden, improving scalability, and enabling sustainable compliance through thoughtful use of automation, tooling, and sound engineering judgment.
This is an early-to-mid career role designed for someone with a solid foundation in cybersecurity risk and compliance who is ready to grow into a more technical, systems-oriented GRC career path. The GRC Engineer will work hands-on with both GRC processes and technical solutions, learning how to design workflows that scale while continuing to build depth in regulatory interpretation, risk management, and business partnership. This role is accountable for how GRC work gets done, not just for completing GRC tasks. Routine compliance activities are expected to become increasingly automated; this role focuses on designing, improving, and governing those workflows to make compliance more reliable and less disruptive to the business.
Description of Duties:
  • Conduct cybersecurity risk assessments, including third-party/vendor risk evaluations (TPRM), with an emphasis on consistency, repeatability, and scalability
  • Identify, analyze, and document security risks, threats, and vulnerabilities
  • Support the development and maintenance of risk registers and risk treatment plans
  • Assist in ensuring compliance with applicable regulations, standards, and frameworks (e.g., NIST CSF, PCI DSS, J-SOX, etc.)
  • Contribute to the development, review, and maintenance of information security policies, standards, and procedures
  • Support internal and external audits, including evidence collection and remediation tracking
  • Monitor and report on compliance posture, control effectiveness, and risk metrics
  • Help design, build, and maintain automation and tooling that reduces manual GRC effort and improves reliability
  • Apply the most appropriate technical approach-custom scripts, low-code/no-code platforms, workflow automation, or AI-assisted techniques-based on problem complexity and process maturity
  • Integrate GRC workflows with internal systems (e.g., ticketing, asset management, identity, cloud platforms) to support compliance by design
  • Contribute to scalable approaches for evidence collection, control testing, risk tracking, and reporting
  • Identify opportunities to reduce GRC toil and compliance friction for both the business and the security team
  • Treat GRC capabilities as internal products, iteratively improving workflows, usability, and sustainability over time
  • Partner with IT, engineering, legal, privacy, and business teams to support effective and practical security control implementation
  • Translate regulatory and framework requirements into clear, implementable expectations
  • Provide guidance and support to stakeholders to help them meet compliance requirements with minimal disruption
  • Maintain awareness of emerging threats, regulatory changes, and industry best practices

Summary of Requirements:
  • Minimum of four (4) years of related experience in security development technologies and practices.
  • Professional experience with an architectural understanding of network security and application security.
  • Experience with work on complex issues where analysis of situations or data requires an in-depth evaluation of variable factors.
  • Strong knowledge of networking concepts, protocols (TCP/IP, HTTP, DNS, TLS) and technologies including firewalls, TLS, IDS/IPS system, cryptographic systems, identity management systems, RADIUS, etc.
  • Experience with programming/scripting (Python/Perl/bash/etc.).
  • Strong understanding of networking topologies and protocols.
  • Experience working in multiple security domains with a focus on risk-based analysis of anomalies, detection and response.
  • Proven experience with work on complex security issues where analysis of situations or data requires an in-depth evaluation of variable factors.
  • Undergraduate degree in Computer Science, a related field, or equivalent.
  • Familiarity with compliance frameworks (NIST, PCI, JSOX). Familiarity with AI risk compliance frameworks (NIST AI RMF, ISO 42001) a plus

Applicants must be legally eligible to work in the United States to be considered. Visa sponsorship is not available for this role.
This position is hybrid in Redmond, WA. Hybrid positions require regular onsite work following the schedule and guidelines for their division. This position is not open to fully remote status at this time. Relocation assistance may be available.
This position includes the base pay range listed below, potential for a semi-annual discretionary performance bonus, and a comprehensive benefits package that includes medical, dental, vision, 401(k), and paid time off.
Pay Range:
$108,450-$173,550 USD

What Nintendo employees say

Pay

Hours and flexibility

Workplace

Get the full story on Breakroom