Governance, Risk, and Compliance Engineer, Blue Ash, Ohio, United States

About Cognizant

Cognizant is one of the world’s leading professional services companies, helping clients modernize technology, reimagine processes, and manage risk in complex and highly regulated environments. Cognizant supports secure, compliant, and resilient operations across industries.

Role Summary

The Governance, Risk, and Compliance (GRC) Engineer supports the implementation, validation, and continuous monitoring of security and compliance controls across the organization. This role ensures alignment with regulatory and contractual requirements and maintains audit readiness against frameworks such as NIST SP 800‑171 and CMMC Level 2. The GRC Engineer works closely with technology teams and business stakeholders to assess risk, remediate gaps, and improve compliance processes.

Key Responsibilities

Support the implementation and validation of security and compliance controls aligned with NIST SP 800‑171 and CMMC Level 2.
Ensure compliance evidence is accurate, complete, and audit‑ready.
Collaborate with service owners to conduct risk assessments, document findings, and track remediation activities through closure.
Maintain and update risk registers, including residual risk and mitigation plans.
Prepare audit artifacts and coordinate walkthroughs and interviews for internal and external audits.
Drive remediation efforts with control owners and support prevention of recurring audit findings.
Contribute to the creation, review, and revision of security and compliance policies.
Support role‑based security training, awareness activities, and phishing campaigns.
Develop and maintain reporting workflows to track compliance status, risk metrics, and remediation progress.
Partner with cross‑functional teams to translate compliance requirements into operational processes.
Participate in onsite or virtual audits as required to verify ongoing compliance.

Required Qualifications

3+ years of experience in governance, risk, compliance, information security, or a related field.
Experience supporting compliance initiatives aligned with NIST SP 800‑171 and CMMC Level 2.
Working knowledge of vulnerability management and risk management practices.
Experience with governance, risk, and compliance platforms and IT service management tools.
Familiarity with ISO 27001 and information security awareness programs.
Strong documentation, organizational, and communication skills.

Preferred Qualifications

Security or compliance certifications such as Security+, CISA, CISM, CISSP, ISO 27001 Lead Implementer/Auditor, CCP, or CMMC Certified Professional.
Experience maintaining audit‑ready evidence and supporting remediation activities across multiple teams.

Work Model

We believe hybrid work is the way forward as we strive to provide flexibility wherever possible. Based on this role’s business requirements, this is a hybrid position requiring 3 days a week in our office in Blue Ash, Ohio. Regardless of your working arrangement, we are here to support a healthy work-life balance though our various wellbeing programs.

The working arrangements for this role are accurate as of the date of posting. This may change based on the project you’re engaged in, as well as business and client requirements. Rest assured; we will always be clear about role expectations.

We're excited to meet people who share our mission and can make an impact in a variety of ways. Don't hesitate to apply, even if you only meet the minimum requirements listed. Think about your transferable experiences and unique skills that make you stand out as someone who can bring new and exciting things to this role.

Legal & Work Authorization

Candidates must be legally authorized to work in the United States. Employment eligibility verification will be required at the time of hire.

Applications will be accepted until June 25, 2026.

Over Cognizant
Cognizant (NASDAQ: CTSH) is een bouwer van AI-oplossingen en een leverancier van technologiediensten. Wij slaan de brug tussen AI-investeringen en ondernemingswaarde door het bouwen van full-stack AI-oplossingen voor onze klanten. Onze diepgaande kennis van sectoren, processen en engineering stelt ons in staat om de unieke context van een organisatie te verankeren in technologische systemen. Deze systemen versterken het menselijk potentieel, realiseren tastbare resultaten en geven wereldwijde ondernemingen een voorsprong in een snel veranderende wereld. Ontdek hoe op cognizant.ai of @cognizant.

Aanvullende arbeidsinformatie
De informatie over de beloning is correct op de datum van deze vacature. Cognizant behoudt zich het recht voor om deze informatie op elk moment te wijzigen, met inachtneming van de toepasselijke wetgeving.

Van sollicitanten kan worden verwacht dat zij gesprekken bijwonen, persoonlijk of via een videogesprek. Daarnaast kan van kandidaten worden gevraagd om tijdens elk gesprek een geldig, door de overheid uitgegeven identiteitsbewijs (zoals een identiteitskaart of paspoort) te tonen.

Cognizant is een werkgever die gelijke kansen biedt. Je sollicitatie en kandidatuur worden niet beoordeeld op basis van ras, huidskleur, geslacht, religie, levensovertuiging, seksuele geaardheid, genderidentiteit, nationale afkomst, handicap, genetische informatie, zwangerschap, veteranenstatus of enige andere eigenschap die wordt beschermd door federale, regionale of lokale wetgeving.