CYE
CYE

Cybersecurity Architect (GRC & Risk)

TLDR

Lead security governance, risk assessments, and develop risk-focused methodologies while collaborating with security leaders and engineering teams.

Cye is seeking a Cybersecurity Architect (GRC & Risk) to join our cybersecurity architecture team. In this role, you will lead security governance, risk, and control assessments, conduct third-party due diligence, support maturity assessments, and drive mitigation and architectural review processes. You’ll work closely with CISOs, security leaders, engineering teams, and customers to develop risk-focused methodologies and improve security frameworks. This position is best suited for candidates with a technical GRC, risk, or security assessment background who excel in analysis, interpretation, and structuring of security information. Responsibilities
  • Lead customer thirdparty security due diligence assessments.
  • Lead mitigation workshops to translate penetration test and assessment findings into prioritized remediation workplans.
  • Perform security maturity assessments, including reviews of organizational policies, standards, procedures, and governance practices, aligned with the NIST CSF 2.0 cybersecurity framework.
  • Develop and refine security methodologies, processes, and architectural guidance.
  • Maintain internal documentation and ensure alignment between frameworks, processes, and practical implementation.
  • Analyze technical findings and map them to governance, risk, and control gaps.
  • Produce clear, structured reports and executiveready summaries for technical and nontechnical audiences. 
  • Qualifications
  • 3-4 years in cybersecurity GRC, IT risk, compliance, audit/assurance, or related processoriented security roles.
  • Strong understanding of governance, risk management, and operational processes.
  • Familiarity with cybersecurity frameworks (NIST CSF, ISO 27001 concepts), risk assessment, mitigation planning, and thirdparty risk management.
  • Basic conceptual understanding of cloud/SaaS shared responsibility models.
  • Ability to communicate technical issues in businessaligned language.
  • Hands-on experience with security controls – an advantage. 
  • Strong writing, communication, and facilitation skills.
  • Comfortable collaborating with internal stakeholders and external customers. 
  • About us
    Cye helps security and risk leaders gain a clear, defensible view of their cyber exposure, grounded in financial impact and real-world attack paths. By continuously quantifying exposure and validating it in context, organizations can establish a strong baseline, prioritize decisions with confidence, and track measurable reduction over time. 

    Cye provides security and risk leaders with a clear and defensible perspective on their cyber exposure, linking it to financial implications and real-world attack scenarios. By continuously quantifying risks and validating findings within their context, organizations can create a strong baseline, confidently prioritize their security decisions, and measure their progress over time.

    View company profile
    Apply for this job