Security & Privacy GRC Engineer
Location: Dublin
Type: Full-Time
Salary: €80,000 - €100,000
A security-conscious organisation operating across cloud-first and data-driven environments is strengthening its governance capability with a dedicated Security & Privacy GRC Engineer. This role is focused on the intersection of information security, privacy engineering, and risk, supporting regulated workloads and customer-facing platforms.
This is a hands‑on governance role – close to systems, data flows, and control implementation – rather than a policy-only position.
The Role
You’ll work with security and privacy governance across cloud services, internal platforms, and third‑party providers. The focus is on maintaining a mature ISMS, embedding privacy‑by‑design principles, and translating regulatory and framework requirements into controls that are practical, auditable, and scalable.
You’ll work closely with engineering, IT, legal, and product teams to ensure security and privacy requirements are built into how systems operate day to day.
Key Responsibilities
Own and maintain the ISMS aligned to ISO 27001, with extension into ISO 27701 and cloud privacy controls
Embed GDPR and privacy-by-design requirements into system design, access models, and data handling processes
Lead and support audits and attestations (ISO, SOC 2), including evidence management and remediation
Perform security and privacy risk assessments aligned to ISO 31000
Maintain and improve control mappings across NIST, CSA CCM, COBIT, and internal standards
Support third-party and cloud provider risk assessments, including data protection and residency considerations
Define and maintain policies for data classification, retention, encryption, and access control
Partner with engineering teams to ensure controls are implemented, monitored, and tested in practice
Track risks, exceptions, and security metrics, providing clear reporting to stakeholders
Skills & Experience
4-7 years’ experience in security governance, privacy, risk, or compliance-focused roles
Strong working knowledge of GDPR, ISO 27001, ISO 27701, and ISO 27018
Experience mapping and operating controls across SOC 2, NIST, CSA CCM, COBIT, PCI-DSS
Understanding of privacy engineering concepts, data lifecycle management, and risk-based decision making
Comfortable working with technical teams on cloud, identity, and data platforms
Strong documentation, audit, and stakeholder communication skills
Reperio Human Capital acts as an Employment Agency and an Employment Business.