Security & Privacy GRC Engineer

Location: Dublin
Type: Full-Time
Salary: €80,000 - €100,000

A security-conscious organisation operating across cloud-first and data-driven environments is strengthening its governance capability with a dedicated Security & Privacy GRC Engineer. This role is focused on the intersection of information security, privacy engineering, and risk, supporting regulated workloads and customer-facing platforms. This is a hands-on governance role - close to systems, data flows, and control implementation - rather than a policy-only position.

The Role

You'll work with security and privacy governance across cloud services, internal platforms, and third-party providers. The focus is on maintaining a mature ISMS, embedding privacy-by-design principles, and translating regulatory and framework requirements into controls that are practical, auditable, and scalable. You'll work closely with engineering, IT, legal, and product teams to ensure security and privacy requirements are built into how systems operate day to day.
Key Responsibilities

- Own and maintain the ISMS aligned to ISO 27001, with extension into ISO 27701 and cloud privacy controls
- Embed GDPR and privacy-by-design requirements into system design, access models, and data handling processes
- Lead and support audits and attestations (ISO, SOC 2), including evidence management and remediation
- Perform security and privacy risk assessments aligned to ISO 31000
- Maintain and improve control mappings across NIST, CSA CCM, COBIT, and internal standards
- Support third-party and cloud provider risk assessments, including data protection and residency considerations
- Define and maintain policies for data classification, retention, encryption, and access control
- Partner with engineering teams to ensure controls are implemented, monitored, and tested in practice
- Track risks, exceptions, and security metrics, providing clear reporting to stakeholders

Skills & Experience

- 4-7 years' experience in security governance, privacy, risk, or compliance-focused roles
- Strong working knowledge of GDPR, ISO 27001, ISO 27701, and ISO 27018
- Experience mapping and operating controls across SOC 2, NIST, CSA CCM, COBIT, PCI-DSS
- Understanding of privacy engineering concepts, data lifecycle management, and risk-based decision making
- Comfortable working with technical teams on cloud, identity, and data platforms
- Strong documentation, audit, and stakeholder communication skills

Reperio Human Capital acts as an Employment Agency and an Employment Business.

Skills: iso 27001 GRC Compliance Security Dublin
Benefits: Work From Home