Governance, Risk, and Compliance Engineer, Blue Ash, Ohio, United States

About Cognizant

Cognizant is one of the world’s leading professional services companies, helping clients modernize technology, reimagine processes, and manage risk in complex and highly regulated environments. Cognizant supports secure, compliant, and resilient operations across industries.

Role Summary

The Governance, Risk, and Compliance (GRC) Engineer supports the implementation, validation, and continuous monitoring of security and compliance controls across the organization. This role ensures alignment with regulatory and contractual requirements and maintains audit readiness against frameworks such as NIST SP 800‑171 and CMMC Level 2. The GRC Engineer works closely with technology teams and business stakeholders to assess risk, remediate gaps, and improve compliance processes.

Key Responsibilities

Support the implementation and validation of security and compliance controls aligned with NIST SP 800‑171 and CMMC Level 2.
Ensure compliance evidence is accurate, complete, and audit‑ready.
Collaborate with service owners to conduct risk assessments, document findings, and track remediation activities through closure.
Maintain and update risk registers, including residual risk and mitigation plans.
Prepare audit artifacts and coordinate walkthroughs and interviews for internal and external audits.
Drive remediation efforts with control owners and support prevention of recurring audit findings.
Contribute to the creation, review, and revision of security and compliance policies.
Support role‑based security training, awareness activities, and phishing campaigns.
Develop and maintain reporting workflows to track compliance status, risk metrics, and remediation progress.
Partner with cross‑functional teams to translate compliance requirements into operational processes.
Participate in onsite or virtual audits as required to verify ongoing compliance.

Required Qualifications

3+ years of experience in governance, risk, compliance, information security, or a related field.
Experience supporting compliance initiatives aligned with NIST SP 800‑171 and CMMC Level 2.
Working knowledge of vulnerability management and risk management practices.
Experience with governance, risk, and compliance platforms and IT service management tools.
Familiarity with ISO 27001 and information security awareness programs.
Strong documentation, organizational, and communication skills.

Preferred Qualifications

Security or compliance certifications such as Security+, CISA, CISM, CISSP, ISO 27001 Lead Implementer/Auditor, CCP, or CMMC Certified Professional.
Experience maintaining audit‑ready evidence and supporting remediation activities across multiple teams.

Work Model

We believe hybrid work is the way forward as we strive to provide flexibility wherever possible. Based on this role’s business requirements, this is a hybrid position requiring 3 days a week in our office in Blue Ash, Ohio. Regardless of your working arrangement, we are here to support a healthy work-life balance though our various wellbeing programs.

The working arrangements for this role are accurate as of the date of posting. This may change based on the project you’re engaged in, as well as business and client requirements. Rest assured; we will always be clear about role expectations.

We're excited to meet people who share our mission and can make an impact in a variety of ways. Don't hesitate to apply, even if you only meet the minimum requirements listed. Think about your transferable experiences and unique skills that make you stand out as someone who can bring new and exciting things to this role.

Legal & Work Authorization

Candidates must be legally authorized to work in the United States. Employment eligibility verification will be required at the time of hire.

Applications will be accepted until June 25, 2026.

Über Cognizant 
Cognizant (NASDAQ: CTSH) i ist ein Technologiedienstleister und Entwickler von KI-Lösungen. Wir schlagen die Brücke zwischen KI-Investitionen und echtem unternehmerischem Mehrwert, indem wir ganzheitliche Full-Stack-KI-Lösungen für unsere Kunden entwickeln. Mit unserer fundierten Branchen-, Prozess- und Engineering-Expertise integrieren wir die spezifischen Anforderungen von Unternehmen passgenau in Technologiesysteme. So entfalten wir das menschliche Potenzial, erzielen greifbare Ergebnisse und sichern globalen Unternehmen in einer sich rasant wandelnden Welt den entscheidenden Vorsprung. Erfahren Sie mehr unter cognizant.ai oder @cognizant.

Zusätzliche Informationen zur Beschäftigung
Die Vergütungsinformationen sind zum Zeitpunkt der Veröffentlichung dieser Stellenausschreibung korrekt. Cognizant behält sich das Recht vor, diese Informationen jederzeit unter Beachtung der geltenden gesetzlichen Bestimmungen zu ändern.

Bewerberinnen und Bewerber können verpflichtet sein, an Vorstellungsgesprächen persönlich oder per Videokonferenz teilzunehmen. Darüber hinaus kann es erforderlich sein, bei jedem Gespräch einen gültigen staatlichen Lichtbildausweis vorzulegen.

Cognizant ist ein Arbeitgeber mit Chancengleichheit. Ihre Bewerbung und Kandidatur werden nicht aufgrund von Rasse, Hautfarbe, Geschlecht, Religion, Glaubensbekenntnis, sexueller Orientierung, Geschlechtsidentität, nationaler Herkunft, Behinderung, genetischen Informationen, Schwangerschaft, Veteranenstatus oder sonstiger durch bundes‑, landes‑ oder kommunalrechtliche Vorschriften geschützter Merkmale berücksichtigt oder abgelehnt.