Governance, Risk, Compliance (GRC) Manager

SoFi•Cottonwood Heights, UT

19h

About The Position

The role: The Governance, Risk, Compliance Manager (GRC) is responsible for the creation, maintenance, monitoring and iteration of the GRC requirements of the entire GlobalSecurity & Investigations team. The team consists of the Physical Security Team, theInternal Investigations Team and the Executive Protection Team. Key areas of responsibility include: all governance, risk, compliance, issue management,business impact analysis, business controls testing, audit and regulatory engagement,business continuity, and RCSA. This role reports directly to the Head of Global Security &Investigations and will work closely with leaders across the enterprise.This role has the potential to grow into a larger scope, assisting senior members of the Legal Team with their GRC requirements.

Requirements

5 years of experience working in governance, risk management, or compliance.
Ability to maintain discretion and confidentiality.
Experience with the risk control self assessment process.
Experience with the issue management process.
Strong analytical skills for identifying, mitigating, and monitoring risks.
Proven ability to solve complex and sensitive problems, and to work well under pressure.
Strong written and verbal communication skills for collaborating with stakeholders.
Technical curiosity and an interest in exploring data and understanding multiple systems.
Experience with risk assessment frameworks (NIST, ISO 27001).
Ability to work collaboratively with a strong attention to detail.
Experience operating in a matrix environment.
Ability to handle multiple and ever-changing priorities in a fast-paced environment.

Responsibilities

Create and maintain Physical Security, Internal Investigations, Executive Protection policies, standards, procedures and process documents.
Manage all audit, regulatory requirements and interactions for Physical Security and Internal Investigations.
Assist the Head of Global Security & Investigations in the development, implementation and supervision of operational, strategic and tactical planning.
Manage all operation risk management requirements for all teams.
Ensure adherence to legal, regulatory, and internal company standards, including data privacy and protective intelligence requirements.
Evaluate security risks posed by vendors and contractors.
Create and manage risk registers, tracking, and reporting for security, executives, and corporate leadership.
Own the issue management process for the entire Global Security & Investigation Team.
Collaborate with Business Controls Testing to ensure all controls are operating effectively.
Partner and work closely with the Internal Investigations Director.
Partner and work closely with the Physical Security Senior Manager.
Partner with the Site Leadership Team to plan and prepare for emergencies, including natural disasters, injury, workplace threat, etc.
Effectively build relationships and communicate with key executive and employee stakeholders across the enterprise.
Evaluate policy, standard, procedure, process document adherence.
Analyze the root cause of compliance breaches.
Assist in the management of incident response to mitigate risks.
Collect and analyze data to create respective documentation and reports.
Create and maintain dashboards to show a comprehensive overview of data from different sources, to include monitoring, measuring, and analyzing relevant data in key areas.
Work closely with the Business Continuity Team to ensure business impact analysis compliance.
Prepare materials for presentation to the General Counsel, Chief Financial Officer and Chief Executive Officer.