The Manager of Governance, Risk, and Compliance (GRC) will lead governance, risk, and compliance initiatives across the insurance software business unit, ensuring alignment with corporate cybersecurity standards, regulatory frameworks, and customer contractual obligations.
Requirements
- 7+ years of progressive experience in cybersecurity and information technology
- Bachelor's degree in Cybersecurity, Information Systems, Computer Science, or related field
- Experience managing risk and compliance for commercial cloud-hosted environments (AWS, Azure, Google)
- Hands-on experience with compliance frameworks such as SSAE 18 (SOC 1 & 2), ISO 27001/27701, NIST 800-53, NIST CSF, and CIS
- Familiarity with GDPR, CCPA, and/or other data protection regulations
- Proven ability to manage audits, compliance assessments, and evidence collection in a fast-paced environment
- Strong understanding of DevSecOps, CI/CD pipelines, and shared responsibility models for software application security
- Demonstrated experience with risk management tools (e.g., Archer, ServiceNow GRC, OneTrust, LogicGate)
- Excellent communication and stakeholder management skills across technical and executive audiences
Benefits
- In-person collaboration
- Flexibility to support wellbeing, productivity, individual work styles, and life circumstances