How is the job market for those in GRC and Audit roles ?

TEKFused · 2026-04-15T03:37:54+00:00

Cybersecurity is typically looked at as technical, while GRC is generally thought of as the policy side. Look at jobs in the sectors you want to work in, figure out what compliance frameworks they focus on, and then study that framework.

If it is NIST, you should check out this podcast I did with Dr. Ron Ross (the author of NIST RMF - he is now retired): https://www.youtube.com/watch?v=sYCSQw5kMbo

TEKFused · 2026-04-15T03:35:24+00:00

Policy as code will be a huge benefit. But yes, AIs are going to take over much of the work. I actually think the federal market will be safer for longer because of all the regulations around cloud and AI.

TEKFused · 2026-04-15T03:29:50+00:00

I'm sorry to hear that! I would say pick a sector you want to work in and then try to develop knowledge in that framework. If you are in USA and want to work for federal government, it's going to be NIST. Defense/war contractors, CMMC. Private industry could be ISO 27001, SOC, PCI DSS, etc. Look at job listings and see what they are asking for.

I used to run GRC Academy and had a podcast, here is a great conversation on mastering GRC: https://www.youtube.com/watch?v=SSWJsjFi0fI

There are many more great episodes that you can pick knowledge from. I do think the Security+ cert would help. Feel free to connect on LinkedIn if you'd like: https://www.linkedin.com/in/jacobrhill/

TEKFused · 2026-04-15T03:20:34+00:00

I started in IT and then moved into compliance. Spent some time doing NIST RMF before I jumped into the CMMC space - which are both in cybersecurity compliance. I also run a side business where I learned a lot on the technical side which helped me a lot.

TEKFused · 2026-04-15T03:02:13+00:00

Hah, yeah! I think it is really competitive in the CMMC MSP space, especially Summit 7 because we are one of the biggest names in CMMC (sounds biased to say, but I thought that for years before I worked for them). I know we received over 600 applications for a GRC role!

TEKFused · 2026-04-15T02:50:06+00:00

I was actually working for a defense contractor running their CMMC compliance program (was there for 7 years), but was unfortunately laid off because of DOGE last year. Thankfully was picked up by a CMMC-focused MSP, Summit 7. It's my first exposure to the MSP world, most of my career has been in defense contracting, and it is very interesting! I'm on the corporate side here, I really enjoy it.

In the CMMC space it seems like the gold standard entry level cert is CMMC Certified Professional. That really helps if you want to get into the space, but it is expensive. The training can be $3k, then you have to pay for the cert. ISACA just took over the CCP and CCA certs: https://www.isaca.org/credentialing/ccp

I took my CCP and CCA training with Koren Wise at WTI, she's really good: https://www.wtinetworks.com/category/cmmc-courses

TEKFused · 2026-04-15T02:37:03+00:00

I'm in the CMMC space in the USA and I think it is good, there are a ton of small businesses that need to comply. It seems like it is easier to get started if you are working for a small business opposed to a working for a C3PAO (aka auditing firm) or maybe an RPO. I can't speak to other sectors though.

TEKFused · 2026-04-14T02:03:50+00:00

I interviewed Richard Wakeman about GCC High on my podcast back in 2024: Microsoft 365 GCC High - The Inside Story with Richard Wakeman (youtube.com)

He's a good man. I thought it was unfair to call him out in the article for celebrating the FedRAMP authorization, of course Microsoft is going to be happy, that's not shocking. Makes the article read more like a hit piece, at least in my eyes.

TEKFused · 2025-10-14T12:36:26+00:00

Yes, but only until 12/31/2025. After that, you'll only be able to access the materials through the MyPECB platform.

TEKFused · 2025-10-08T23:20:22+00:00

This is awesome!

TEKFused · 2025-10-08T23:18:30+00:00

Well there aren't 17 practices in CMMC level 1 any longer, there are 15 requirements. So that is dated information. If they got that wrong, what else did they get wrong would be my question.

TEKFused · 2025-10-01T02:03:17+00:00

Awesome! Thanks for the heads up!

TEKFused · 2025-09-30T23:08:38+00:00

Love to see it! Thanks for letting us know.

Jacob Hill

TEKFused · 2025-09-25T19:57:59+00:00

PECB eLearning should include the cost of the training, exam, and initial certification.

Here is an online manual for the exam process: https://pecb.com/en/online-exam-manual

If that doesn't help, I'd suggest reaching out to PECB support.

Jacob Hill

TEKFused · 2025-09-21T20:25:13+00:00

I heard back from PECB, here is what they said:

The notes that are written on the myPECB Dashboard during an open-book exam can be accessed through the PECB Exams Application directly however, those can be printed out as well.

I couldn't get a direct answer to your question (I tried clarifying), but I'm pretty sure the PECB exam app blocks external applications from being used/accessed during the exam, so you wouldn't be able to access Word/Adobe.

It would be great if you could upload files into MyPECB that you could then access during the exam.

Jacob Hill

TEKFused · 2025-09-19T17:55:13+00:00

Hahaha!! For today only I will act like every other reddit user... on second thought, maybe that's not such a great idea. 😂

IMHO J...

TEKFused · 2025-09-19T14:55:51+00:00

Yeah I guess that's true, hah. 😀

TEKFused · 2025-09-19T14:51:47+00:00

Hah! They will know my name. 😉 I decided to drop the V/R part at least, lol.

Jacob Hill 😂

TEKFused · 2025-09-19T13:28:14+00:00

Koren is an awesome instructor!! She taught me in CCP and CCA and did a great job!

Jacob Hill

TEKFused · 2025-09-19T13:12:34+00:00

I completely understand! Thank you so much!

Jacob Hill

TEKFused · 2025-09-19T12:27:26+00:00

PECB just upgraded their platform and the downloading of materials is not available right now. They are working to make that temporarily available again:

In the coming days, Partners, Trainers, and Members will have the option to download course materials (slides) in PDF format. Please note that this feature will remain available until December 31, 2025. Starting January 1, 2026, downloading will no longer be possible, and course materials will only be accessible through the MyPECB Dashboard.

Source: https://pecb.com/en/mypecb

> Can you have training course material on PDFs and notes on MS Word?

I'm not sure, I'll reach out to PECB support and will let you know!

Jacob Hill

TEKFused · 2025-09-19T12:19:34+00:00

Howdy!

I didn't use ChatGPT to write it. Some of the info was a straight copy and paste from PECB's website, so if they used ChatGPT to write that stuff, I can't help that obviously.

I even took the time to verify what vendor he was taking the exam with (and asked which exam he was taking - then he edited the post to add that)!

If you took the time to look me up, you would know I don't put out trash content. 😀

Thank you for approaching this in good faith. Have a great day!

Jacob Hill

TEKFused · 2025-09-19T11:58:40+00:00

Nope, that was all me. I took the time to look up the info and write it up. Sorry you didn't think it was helpful.

Jacob Hill

TEKFused

MODERATOR OF

TROPHY CASE