Cybersecurity GRC Lead

About The Position

Requirements

• 5+ years of experience in cybersecurity, GRC, or risk management within regulated environments
• Strong experience in healthcare, medical devices, life sciences, or similar regulated industries
• Deep understanding of frameworks such as NIST, IEC standards, and regulatory expectations
• Proven ability to lead cross-functional initiatives without direct authority
• Experience supporting audits, inspections, and customer security assessments
• Strong analytical, communication, and stakeholder management skills
• Bachelor’s degree in Cybersecurity, Computer Science, Engineering, or related field

Responsibilities

• Own and manage the cybersecurity GRC program, including control schedules and compliance activities
• Maintain policies, procedures, and control documentation
• Define roles, responsibilities, and escalation paths across teams
• Provide regular reporting on KPIs, KRIs, and risk posture to leadership
• Track cybersecurity requirements from internal, customer, and regulatory sources
• Manage cybersecurity risk assessments and remediation tracking
• Maintain and update the risk register
• Act as the central point of coordination across Engineering, IT, Security, Quality, and Regulatory teams
• Support audit and inspection readiness by ensuring all required artifacts are current and accessible
• Coordinate responses to security questionnaires, audits, and customer requests
• Oversee execution of recurring controls such as access reviews, vulnerability scans, and patch management
• Ensure proper tracking of remediation activities and SLA adherence
• Coordinate supplier and third-party security requirements
• Drive improvements in GRC processes, reporting, and documentation
• Enhance dashboards, templates, and evidence tracking systems

Benefits

• Base Salary: $118,500 – $148,100
• 10% annual bonus
• Comprehensive benefits package