GRC Cybersecurity Engineer

Job Title: GRC Cybersecurity Engineer Location: Peoria, IL | Dallas, TX | Tucson, AZ Duration: 24 months

Focusing on the below skills

Top 5 Tools

1. GRC Platforms (RSA Archer, ServiceNow GRC)
2. Vulnerability Tools (Qualys, Nessus, Rapid7)
3. SIEM (Splunk, Microsoft Sentinel)
4. Document/Workflow (Jira, Confluence, SharePoint)
5. SDLC/Security Assessment Tools (Threat Modeling, SBOM tools)

Top 3 Skills

1. Compliance (ISO 27001, IEC 62443, ISO 9001, EU CRA)
2. Cybersecurity Technical Expertise
3. Audit & Evidence Management

Top 3 Certifications

1. CISM ISACA
2. ISO 27001 Lead Implementer/Auditor
3. IEC 62443/Product Security Certification

Position s Contributions to Work Group:

Supports the execution of the A&A security compliance and assurance program across regulated products and platforms. This role is responsible for daytoday compliance activities, evidence development, customer security responses, and standards alignment under the direction of the A&A Security GRC Manager.

The role works handson with engineering, product, and quality teams to ensure A&A products meet requirements for EU Cyber Resilience Act (CRA), IEC 62443, ISO 27001, and ISO 9001, and that evidence is accurate, current, and auditready.

This is a deliveryoriented role suited for a strong practitioner who understands security and compliance in product environments and wants to grow depth and influence.

Education & Experience Required:

• Years of experience: 10+ years experience in cybersecurity, product security, compliance, or regulated product environments
• Working knowledge of:
  • IEC 62443 or similar product security standards
  • ISO/IEC 27001 concepts
  • Secure development lifecycle practices
• Experience supporting audits, assessments, or customer security reviews
• Degree requirement: Bachelor s degree in Engineering, Computer Science, Cybersecurity, or related field (or equivalent experience)
• Do you accept internships as job experience: No
• Are there past or additional job titles or roles that would provide comparable background to this role: Governance Risk & Compliance

Top 3 Skills

• Compliance
• Effective communication skills
• Cyber Security technical experience

Soft Skills

(Required)

• Critical thinker
• Works well independently

(Desired)

• Speaks Portuguese or Spanish

Typical task breakdown:

Security Compliance Execution

• Support execution of the A&A security compliance programacross products and platforms.
• Assist with implementation and evidence collection for:
  • EU Cyber Resilience Act (CRA)
  • IEC 6244341 / 42
  • ISO/IEC 27001
  • ISO 9001 (quality system alignment)
• Translate requirements into practical artifactssuch as procedures, checklists, templates, and evidence packages.

Audit & Evidence Support

• Prepare and maintain audit evidencefor internal audits, ISO surveillance audits, and customer assessments.
• Track compliance gaps, findings, and corrective actions.
• Support audit activities by coordinating inputs from engineering, product, and platform teams.

EU CRA & Product Security Support

• Assist with CRArelated activities including:
  • Securebydesign documentation
  • Vulnerability management evidence
  • SBOM and technical documentation alignment
• Help maintain consistency between declared security posture and actual product implementation.

IEC 62443 & Secure Development Practices

• Support product teams in aligning to IEC 62443 secure development lifecycle expectations.
• Assist with mapping engineering practices to required controls and evidence.
• Participate in security or compliance reviews as requested.

Customer & Third Party Security Responses

• Draft and maintain responses to customer security questionnaires and assessments.
• Collect and validate technical inputs to ensure responses are accurate and defensible.
• Escalate complex or highrisk issues to the SG25 manager.

Risk & Issue Tracking

• Identify compliance gaps, risks, or deviations and raise them through defined processes.
• Maintain logs for findings, risks, and remediation status.
• Support documentation for risk acceptances and exceptions (approval handled by leadership).

Cross Functional Collaboration

• Work closely with Engineering, Product, Quality, and Platform teams to gather evidence and drive closure of gaps.
• Coordinate with Enterprise Security and Quality teams as needed.

Interaction with team:

• Global collaboration with crossfunctional teams, balancing independent ownership of tasks while working closely on regulatory compliance across business units.

Disqualifiers/Red Flags/Overqualifications:

• Insufficient English proficiency
• Looking for Remote work

Regards,

Adam Jones (Azam)

Direct:

Email: Adam (@) pullskill (dot) com