Security & Privacy GRC EngineerThe following information aims to provide potential candidates with a better understanding of the requirements for this role.
Location:Dublin
Type:Full-Time
Salary:€80,000 - €100,000A security-conscious organisation operating across cloud-first and data-driven environments is strengthening its governance capability with a dedicated Security & Privacy GRC Engineer.
This role is focused on the intersection ofinformation security, privacy engineering, and risk, supporting regulated workloads and customer-facing platforms.This is a hands‑on governance role – close to systems, data flows, and control implementation – rather than a policy-only position.The Role
You'll work with security and privacy governance across cloud services, internal platforms, and third‑party providers.
The focus is on maintaining a mature ISMS, embedding privacy‑by‑design principles, and translating regulatory and framework requirements into controls that are practical, auditable, and scalable.You'll work closely with engineering, IT, legal, and product teams to ensure security and privacy requirements are built into how systems operate day to day.Key ResponsibilitiesOwn and maintain the ISMS aligned toISO 27001, with extension intoISO 27701and cloud privacy controlsEmbedGDPRand privacy-by-design requirements into system design, access models, and data handling processesLead and support audits and attestations (ISO, SOC 2), including evidence management and remediationPerform security and privacy risk assessments aligned toISO 31000Maintain and improve control mappings acrossNIST, CSA CCM, COBIT, and internal standardsSupport third-party and cloud provider risk assessments, including data protection and residency considerationsDefine and maintain policies for data classification, retention, encryption, and access controlPartner with engineering teams to ensure controls are implemented, monitored, and tested in practiceTrack risks, exceptions, and security metrics, providing clear reporting to stakeholdersSkills & Experiencexsokbrc
4-7 years' experience in security governance, privacy, risk, or compliance-focused rolesStrong working knowledge ofGDPR ,ISO 27001 ,ISO 27701, andISO 27018Experience mapping and operating controls acrossSOC 2, NIST, CSA CCM, COBIT, PCI-DSSUnderstanding of privacy engineering concepts, data lifecycle management, and risk-based decision makingComfortable working with technical teams on cloud, identity, and data platformsStrong documentation, audit, and stakeholder communication skillsReperio Human Capital acts as an Employment Agency and an Employment Business.