About this role
Engineer, Information Security GRC supports the global Information Security program across governance, risk, and compliance. The role focuses on security metrics reporting, policy/control mapping, regulatory/audit documentation, recertification and access reviews, security awareness, and risk assessment and remediation tracking.
Key Responsibilities
- Produce security metrics reports
- Maintain and map information security policies to control standards
- Organize regulator/audit/customer inquiry documentation
- Operate recertification and access review processes
- Build and operate the risk assessment platform for assessments, risks, controls, findings, and remediation
Technical Overview
Operating within Governance, Risk, and Compliance, this role uses automated and manual reporting to communicate security program status. It works with cybersecurity frameworks (NIST, COBIT), manages the vulnerability management program, and uses Excel, workflow automation tools, scripting (regular expressions and string-parsing), and GRC Platforms to collect, normalize, correlate, and visualize security/risk data.
Ideal Candidate
The ideal candidate is an Information Security GRC Engineer with 3+ years of experience supporting global security governance, risk, and compliance. They can produce security program metrics, manage policy/control mapping, run recertification and access review processes, and operate risk assessment and vulnerability management activities using GRC platforms and Excel.
Must-Have Skills
- University degree in Information Security, Engineering, MIS, CIS, or related discipline
- 3+ years of relevant work experience
- Experience in Cybersecurity Framework (such as NIST, COBIT)
- Experience with Regulatory Compliance
- Security Metrics - Uses automated and manual processes to produce regular reports
- Risk Assessment - Builds and operates the company platform to document, measure, and report assessments, risks, controls, findings, and remediation activity
- Advanced technical writing and/or communication education and experience
Nice-to-Have Skills
- Experience with Systems Administration and/or IP Networking
- Experience in an exchange, trading facility, or financial services
- Experience with Customer communication and Vendor evaluation
- Advanced certifications (for example, the CISSP)
- Experience with senior management and board metrics generation and communication
Tools & Platforms
- Excel
- Workflow automation tools
- NIST Cyber Security Framework
- CIS
- GRC Platforms
Required Skills
Security Metrics; automated and manual processes; Information Security policies; Policies and Procedures; regulator audit and customer inquiries; recertification; access reviews; security awareness programs; risk assessment platform; assessments; risks; controls; findings; remediation activity; vulnerability management program; Cybersecurity Framework (NIST, COBIT); systems administration; IP networking; regulatory compliance; customer communication; vendor evaluation; senior management and board metrics generation and communication; advanced technical writing; Excel; Workflow automation tools; data collection; data normalization; indexing; correlation; visualization; scripting; regular expressions; string-parsing; light SDLC; project management; NIST Cyber Security Framework; CIS; GRC Platforms
Hard Skills
Security metrics reporting; Automated and manual processes; Information Security policies; Policies and Procedures mapping; Control standards mapping; Regulator, Audit, and Customer Inquiries documentation management; Recertification processes; Access reviews; Hire transfer termination protocols compliance; Security awareness programs; Risk assessment documentation; Assessments; Risks; Controls; Findings; Remediation activity tracking; Vulnerability management program; Cybersecurity Framework (NIST); Cybersecurity Framework (COBIT); Systems Administration; IP Networking; Regulatory Compliance; Customer communication; Vendor evaluation; Board metrics generation and communication; Advanced technical writing; Technical communication; Excel; Workflow automation tools; Data collection; Data normalization; Indexing; Correlation; Visualization; Scripting; Regular expressions; String-parsing; light SDLC; Project management; NIST Cyber Security Framework; CIS; GRC Platforms
Soft Skills
- Stakeholder communication
- Customer communication
- Organized and repeatable inquiry responses
- Vendor communication
- Education and awareness building
- Metrics communication to senior management and board
- Risk-focused mindset
- Cross-functional collaboration
Keywords for Your Resume
Engineer, Information Security GRC; Governance, Risk, and Compliance; Security Metrics; Policies and Procedures; Regulator, Audit, and Customer Inquiries; Recertification; access reviews; Security Awareness; Risk Assessment; vulnerability management program; NIST; COBIT; Cybersecurity Framework; Regulatory Compliance; CISSP; Excel; Workflow automation tools; Data collection; Data normalization; scripting; regular expressions; string-parsing; light SDLC; GRC Platforms
Deal Breakers
- Must have 3+ years of relevant work experience
- Must have experience in Cybersecurity Framework (NIST, COBIT)
- Must have experience with Regulatory Compliance
- Must have advanced technical writing and/or communication education and experience