Principal Cyber-Security Engineer – GRC, AI
Posted 1hrs ago
Job Description
The Principal Cyber-Security Engineer drives AI integration within FICO's GRC program, emphasizing automation and compliance, leads high-visibility audit engagements, and mentors team members across departments.
Responsibilities:
- Architect and lead the implementation of AI-powered solutions to automate GRC workflows, including risk assessments, control monitoring, evidence collection, and policy management.
- Serve as the technical voice for AI adoption within the Cyber Security GRC program, defining strategy and roadmap for integrating AI/ML tools across compliance, risk management, and audit functions.
- Lead and coordinate complex, high-visibility audit engagements, ensuring stakeholder readiness and timely remediation of findings — leveraging AI tools to streamline evidence gathering and reporting.
- Drive the development of intelligent dashboards, risk signal automation, and natural language processing (NLP) tools to improve GRC transparency and decision-making for leadership.
- Identify opportunities to reduce manual, repetitive GRC processes through automation and AI augmentation, and champion the adoption of these improvements across the team.
- Partner with Engineering, Product, Legal, and Compliance teams to evaluate AI risk, including the governance of AI/ML models used within FICO products, ensuring alignment with applicable regulations and internal policies.
- Respond to and lead the resolution of complex governance, risk, and compliance inquiries from internal and external stakeholders, including customers and regulators.
- Develop and maintain GRC frameworks and standards aligned to PCI DSS, SOC 2, ISO 27001, ISO 42001, NIST CSF, NIST AI RMF, and emerging AI-specific regulatory requirements (e.g., EU AI Act, NIST AI 600-1).
- Mentor and coach junior and mid-level GRC team members on AI tools, automation techniques, and program best practices to accelerate team capability maturity.
- Act as a subject matter expert and thought leader, representing the GRC team in cross-functional AI governance discussions, customer calls, and industry forums.
- Assist Corporate Compliance and business units with compliance and security-related documentation, and provide expert guidance on GRC matters across the organization.
Requirements:
- Extensive experience in Cyber Security, with in-depth experience focused on GRC.
- Demonstrated experience designing, implementing, or operationalizing AI/ML solutions within a cyber security or GRC context.
- Deep knowledge of GRC industry frameworks and standards, including PCI DSS, SOC 2, ISO 27001, ISO 42001, CSA, NIST CSF, and the NIST AI Risk Management Framework.
- Experience with AI governance frameworks and emerging regulations, including the EU AI Act and NIST AI 600-1 (Generative AI).
- Experience using or evaluating GRC platforms (e.g., ServiceNow GRC, Archer, OneTrust) and integrating AI/automation capabilities into these tools.
- Proficiency in data analysis, scripting, or programming (e.g., Python) to support automation and AI integration efforts.
- Experience with large language models (LLMs), prompt engineering, or AI-assisted tools applied to compliance, risk, or audit workflows is highly desirable.
- Ability to translate complex technical and AI concepts into clear business language for executive and non-technical audiences.
- Proven ability to lead cross-functional initiatives, manage multiple high-priority projects concurrently, and deliver results in a fast-paced, evolving environment.
- Desired certifications: CISSP, CISA, CISM, CRISC; AI-related certifications (e.g., AWS/Azure/GCP AI certifications, AIGP) are a strong plus.
- Excellent written and verbal communication skills, with demonstrated ability to build trust and productive relationships across business functions and with external partners.
Benefits:
- Highly competitive compensation and rewards
- Flexible work options
- Opportunities to give back to your community
- Social events with colleagues
- Comprehensive benefits program inclusive of progressive parental leave

















