Kaseware

Governance, Risk and Compliance Engineer

full-time

Origin: 🇺🇸 United States • Colorado

Salary

💰 $120,000 - $150,000 per year

Job Level

Mid-Level, Senior

About the role

  • Support governance, risk, and compliance (GRC) initiatives across multiple frameworks, including NIST 800-53/800-171, ISO 27001/27701, PCI DSS, and FedRAMP.
  • Assist in developing and maintaining compliance documentation, policies, procedures, and control mappings across frameworks.
  • Enable centralized GRC tooling to streamline evidence collection, artifact management, and automated reporting.
  • Partner with engineering, security, and operations teams to ensure system configurations and processes align with compliance requirements.
  • Monitor regulatory updates and framework revisions to maintain continuous compliance.
  • Support internal and external audits by coordinating evidence gathering, preparing documentation, and ensuring audit readiness.
  • Perform control assessments and risk reviews to identify gaps and propose remediation plans.
  • Contribute to the improvement of compliance workflows through automation and best practices.

Requirements

  • Bachelor's degree in Information Security, Computer Science, Risk Management, or related field (Required).
  • Related experience can be substituted for education.
  • 3+ years of experience in information security, GRC, or compliance engineering.
  • Familiarity with frameworks and standards: NIST, ISO 27001/27701, PCI DSS, FedRAMP.
  • Hands-on experience with centralized GRC platforms or compliance automation tools (e.g., Hyperproof, Drata, OneTrust, Archer).
  • Strong understanding of artifact collection and evidence management in compliance programs.
  • Knowledge of security and compliance processes such as risk assessments, control testing, and audit support.
  • Excellent communication and documentation skills.
  • Ability to work cross-functionally and translate compliance requirements into actionable technical and operational tasks.
  • Language: English
  • Must be able to pass a full CJIS-compliant, fingerprint-based background check.
  • U.S. Citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor at this time.