Tallo logoTallo logo

Information Security Engineer, GRC

Job

KYOCERA AVX Components Corporation

Fountain Inn, SC (In Person)

Full-Time

Posted 4 weeks ago (Updated 4 weeks ago) • Actively hiring

Expires 5/27/2026

Apply for this opportunity

This job application is on an outside website. Be sure to review the job posting there to verify it's the same.

Review key factors to help you decide if the role fits your goals.
How is this calculated?
Pay Growth
?
out of 5
Not enough data
Not enough info to score pay or growth
Job Security
?
out of 5
Not enough data
Calculating job security score...
Total Score
77
out of 100
Average of individual scores

Were these scores useful?

Skill Insights

Compare your current skills to what this opportunity needs—we'll show you what you already have and what could strengthen your application.

Job Description

PRIMARY FUNCTION
Design, implement, audit, and maintain governance, risk management, and compliance (GRC) controls for the organization's information security program aligned to the National Institute of Standards and Technology (NIST), the Center for Internet Security (CIS), and the International Organization for Standardization (ISO) 27000 family of frameworks. Drive policy, risk assessments, third party risk, audit readiness, and continuous compliance with regulatory and industry standards, using an organized and project managed approach.
DUTIES & RESPONSIBILITIES
Governance, policy & control design: Maintain policies/standards; map obligations to
NIST CSF, NIST SP
800-53/800-171, CIS, and
ISO 27001
; define testable controls, procedures, and evidence requirements. Risk management & exceptions: Conduct risk assessments; document scenarios and residual risk; maintain risk register, compensating controls, and remediation plans; support exception/acceptance decisions with rationale and evidence. Compliance & audit readiness: Test controls (design/operating effectiveness), document gaps, assemble audit evidence, and track findings to validated closure.
Third-party risk:
Assess vendor security (questionnaires, SOC/ISO artifacts, evidence review), document risk and required controls/terms, and drive remediation follow-ups. Control implementation support & monitoring: Partner with IT/SecOps to implement and run controls (access, logging, vuln mgmt, encryption, backup/DR) and define monitoring, evidence sources, and test cadence. Metrics & stakeholder communication: Produce dashboards and brief status reports on risk, control health, audit readiness, and remediation aging for technical and non-technical stakeholders. Operational support & enablement: Provide GRC support for incidents/vulnerabilities and privacy obligations; publish practical guidance (standards, job aids, FAQs) to increase control adoption and reduce exceptions.
REQUIREMENTS
REQUIRED
QUALIFICATIONS
Bachelor's degree 10+ years experience in information security, including GRC, or risk/compliance roles. Demonstrated experience with NIST frameworks (NIST
CSF, NIST SP 800-53, NIST RMF, NIST SP 800-171
), CIS 8.1, and
ISO 27001.
Hands-on experience conducting risk assessments, control assessments, and audit responses. Experience with regulatory requirements relevant to the organization (e.g., CMMC, TISAX, CTPAT, GDPR, IATF). Strong communication skills; experience producing executive-level reporting. Experience with GRC tooling (e.g., Archer, ServiceNow GRC, OneTrust, RSA) and security monitoring platforms.
PREFERRED QUALIFICATIONS
Master's degree or relevant advanced certification.
Certifications:
CISSP, CISM, CRISC, CGEIT, or equivalent. Experience with cloud security (AWS/Azure/GCP) controls and cloud compliance frameworks.
EEO STATEMENT
Kyocera-AVX is an
Equal Opportunity Employer:
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, or status as a protected veteran.

Similar remote jobs

Similar jobs in Fountain Inn, SC

Similar jobs in South Carolina