IT Governance, Risk, and Compliance (IT GRC) Engineering Principal

Summary
The IT GRC Engineering Principal is the senior technical leader responsible for architecting, building, and maintaining the systems, workflows, automation, and integrations that power the IT Governance, Risk, and Compliance division. This role transforms manual processes into scalable, automated capabilities and ensures seamless integration across the Information Risk and Cybersecurity (IRC) department's technology ecosystem. The Principal serves as a trusted advisor to the VP of IT GRC and plays a critical role in shaping the technical strategy and execution of the IT GRC division.
Primary Duties & Responsibilities
Technical Strategy and Leadership

• Develop and direct the technical strategy and execution roadmap for GRC platforms, automation, integration patterns, and data models in coordination with IT GRC Strategy Lead.
• Participate in efforts to establish a cohesive automation strategy within the IRC department, driving collective advancements in automation objectives.
• Align GRC technology strategies with broader organizational functions to ensure cohesive and effective operations.

Systems Architecture and Integration

• Build and implement integrations between GRC systems and enterprise platforms (e.g., CMDB, IAM, monitoring tools), ensuring real-time visibility into risk and compliance posture.
• Implement and refine system standards, workflow logic, and data schemas to align with the established IT Process, Risk, and Control Framework. Ensure these technical components support consistency, quality, and adherence to existing control requirements.

Automation and Modernization

• Lead the automation of GRC processes such as evidence collection, control testing, compliance reporting, risk scoring, and issue tracking.
• Drive the transformation from manual governance processes to automated, embedded, and measurable frameworks.

Data Management and Reporting

• Develop data models and dashboards that provide meaningful insights into risk, compliance, and control effectiveness.
• Ensure data quality, normalization, and consistency across the IT GRC technology ecosystem.

Mentorship and Cross-Functional Collaboration

• Mentor IT GRC analysts, engineers, and process owners on workflow automation, systems design, and technical enablement.
• Facilitate cross-functional initiatives and the flow of information between stakeholders and other teams.

Trusted Advisor and Strategic Partner

• Act as a critical advisor to the VP of IT GRC by offering technical insights and support for strategic planning, roadmap development, and operational planning, ensuring that technical solutions align with broader strategic goals.
• As a member of the IT GRC Leadership Team, contribute to identifying and addressing barriers to success by developing and implementing strategic solutions and fostering collaboration across the team.

Qualifications

• Bachelor's or Master's degree in Computer Science, Information Technology, or a related field.
• 10-15 years of professional experience in IT governance, risk, and compliance, with a focus on technical strategy and architecture.
• Leadership experience in managing diverse teams and working across organizational boundaries.
• Expertise in GRC platform architecture and administration (e.g., ServiceNow GRC/IRM, Archer, OneTrust, Fusion).
• Proficiency in systems integration (APIs, service buses) and automation design (scripting, low-code platforms).
• Strong interpersonal and presentation skills, with the ability to communicate effectively at all organizational levels, including senior leaders.
• Proven problem-solving, strategic, and critical thinking skills.
• High degree of learning agility, with the ability to anticipate needs and adapt in a dynamic environment.

Compensation Range:
Pay Range - Start:
Pay Range - End:
Geographic Specific Pay Structure:
Structure 110:
$149,380.00 USD - $277,420.00 USD
Structure 115:
$156,170.00 USD - $290,030.00 USD
We believe in fairness and transparency. It's why we share the salary range for most of our roles. However, final salaries are based on a number of factors, including the skills and experience of the candidate; the current market; location of the candidate; and other factors uncovered in the hiring process. The standard pay structure is listed but if you're living in California, New York City or other eligible location, geographic specific pay structures, compensation and benefits could be applicable, click here to learn more.
Grow your career with a best-in-class company that puts our clients' interests at the center of all we do. Get started now!
Northwestern Mutual is an equal opportunity employer who welcomes and encourages diversity in the workforce. We are committed to creating and maintaining an environment in which each employee can contribute creative ideas, seek challenges, assume leadership and continue to focus on meeting and exceeding business and personal objectives.
Skills
Analytical Thinking (NM) - Advanced, Compliance (NM) - Advanced, Risk Consulting (NM) - Advanced, Risk Optimization (NM) - Advanced, Learning Agility & Critical Thinking (NM) - Expert, Cross Functional Partnering & Planning (NM) - Expert, Data Security (NM) - Expert, Risk Assessment & Identification (NM) - Expert, Customer Centricity (NM) - Expert, Risk Mitigation (NM) - Expert, Remediation Planning (NM) - Advanced, Coaching & Mentoring (NM) - Advanced, Engineering Expertise & Practices (NM) - Expert, Business Application (NM) - Advanced, Adaptive Communication (NM) - Advanced, Strategic Vision & Planning (NM) - Intermediate, Negotiation & Managing Objection (NM) - Advanced, Strategic Thinking (NM) - Expert, Process Improvement (NM) - Advanced, Risk Governance (NM) - Advanced, Risk Management Strategy (NM) - Advanced, Scenario Planning (NM) - Intermediate, Technology Integration (NM) - Intermediate
FIND YOUR FUTURE
We're excited about the potential people bring to Northwestern Mutual. You can grow your career here while enjoying first-class perks, benefits, and our commitment to a culture of belonging.

• Flexible work schedules
• Concierge service
• Comprehensive benefits
• Employee resource groups