Information Security GRC Manager

The Information Security Governance, Risk, and Compliance (GRC) Manager provides tactical leadership and operational oversight for key components of the company’s enterprise GRC program. This role is responsible for the day-to-day management of GRC analysts, driving compliance initiatives, managing the integrated risk assessment lifecycle, and ensuring control effectiveness.

Requirements

• Manage and mentor a team of GRC Security Analysts
• Oversee and execute the security risk assessment process
• Lead efforts to document, enforce, and communicate security policies and control frameworks
• Develop, implement, and maintain security policies and controls
• Act as the primary operational liaison for internal and external audits
• Provide direct support to the third-party risk management program
• Facilitate IT compliance activities
• Define and track qualitative and quantitative metrics to measure the success and maturity of the security program
• Support incident response and disaster recovery efforts
• Ensure the protection of critical data is maintained through established data classification, data loss prevention, and records retention requirements
• Manage information security training requirements for the organization

Benefits

• Comprehensive medical, dental, and company paid vision insurance
• 401(k) retirement plan with employer match
• Voluntary life and AD&D insurance options
• Voluntary supplemental insurances for accident, critical illness, and legal services
• Paid time off (PTO) and paid holidays
• Employee assistance and wellness programs
• Company paid short term disability coverage
• Company contributions to health saving funds
• Company paid access to Galileo for virtual primary care and Rula for virtual mental health resources