GRC Engineer
About The Position
Brewer Science, Inc. is a major innovator of high-technology solutions for the semiconductor / microelectronics markets. We are currently seeking a purpose-driven candidate with an ownership mentality to fill an open position as a GRC Engineer. This position will be located in Rolla, MO with some opportunity for hybrid work. Applicants must be authorized to work for any employer in the U.S. We are unable to sponsor an employment visa for this position. Summary: GRC Engineers own and scale the company’s governance, risk, and compliance programs, functioning in a hands-on, operational role. They are responsible for building, maintaining, and continuously improving the company’s security compliance posture. This role works closely with security, engineering, IT, legal, and external auditors to ensure controls are implemented, evidence is automated when possible, and audits run smoothly.
Requirements
- GRC Engineer II: Bachelor's degree in cybersecurity, computer science, IT or related field and 2+ years’ experience in a related field or Master’s degree in cybersecurity, computer science, IT, or related field and Certification such as ISO 27001 Lead Implementer/Auditor, CISA, CRISC, or CISSP An equivalent combination of education and experience.
- GRC Engineer III: Bachelor's degree in cybersecurity, computer science, IT or related field and 4+ years’ experience in a related field or Master’s degree in cybersecurity, computer science, IT, or related field and 2+ years’ experience in a related field and Certification such as ISO 27001 Lead Implementer/Auditor, CISA, CRISC, or CISSP An equivalent combination of education and experience.
Responsibilities
- Own and manage ISO 27001 and NIST 800-171 compliance programs end-to-end
- Administer and optimize the primary GRC platform, including: Control mapping and framework configuration Evidence automation and integrations Continuous monitoring and remediation tracking
- Lead audit readiness activities, including gap assessments, internal audits, and external auditor coordination
- Translate security and compliance requirements into practical, scalable controls
- Partner with Manufacturing and IT to implement and validate technical controls (e.g., access management, logging, endpoint security)
- Develop and maintain security policies, standards, and procedures aligned to ISO 27001 and NIST 800-171
- Track and manage risks, exceptions, and corrective action plans
- Monitor control effectiveness and drive continuous improvement
- Stay current on regulatory, customer, and industry security requirements
- Lead complex ISO 27001 and NIST 800-171 implementations across facilities
- Design and mature control frameworks for IT and OT environments
- Conduct advanced risk assessments for manufacturing systems, lab systems, and cloud platforms
- Architect GRC platform enhancements and automation strategies
- Develop control testing methodologies and assurance processes
- Lead complex audit engagements and remediation programs
- Provide technical advisory support for secure system and process design
- Standardize control implementation across multiple plants
- Mentor junior engineers on technical GRC practices
Benefits
- Medical, dental, vision, life, long- and short-term disability, identity theft protection, and pet insurance
- Paid leave, including community service leave, wellness breaks, and other special leave
- Employee stock ownership, 401k, and bonus plans
- Educational assistance & employee assistance program
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
