Reporting to the Chief Information Security Officer (CISO), the Senior Manager, IT GRC leads the company’s IT governance, risk management, and compliance initiatives. This role is responsible for developing, implementing, and maintaining policies, processes, and controls to ensure the organization’s information assets and systems are protected and compliant with internal and external requirements.
Requirements
- Lead and manage the IT GRC program, including policy development, risk assessments, risk register, compliance monitoring, and audit coordination.
- Collaborate with business partners and IT resources to identify risk, develop remediation plans, and track resolution.
- Oversee the implementation and maintenance of controls to meet regulatory, contractual, and internal requirements (e.g., SOX, NIST, ISO 27001).
- Administer and mature the enterprise GRC platform (e.g., AuditBoard, SecureEnds, ServiceNow); implement workflows, dashboards, and automated testing.
- Support incident response and vulnerability management activities as they relate to compliance and risk.
- Support commercial and legal teams with customer security inquiries and compile packages to support commercial pursuits in regulated markets.
- Lead the utilization of the IRX business system in your area of responsibility.
Benefits
- Paid time off
- 401k matching
- Retirement plan
- Visa sponsorship