Information Security GRC Manager

About The Position

Requirements

• Proven leadership skills with the ability to build relationships and collaborate effectively with diverse stakeholders.
• Strong ability to influence, gain buy-in, and negotiate with senior management and key business partners.
• Experience in conducting Information Security risk assessments and IT/Security audits.
• Knowledge of industry standards and best practices related to Information Security and risk management.

Nice To Haves

• Experience with regulatory requirements related to Information Security.
• Familiarity with IT operations and security control effectiveness.

Responsibilities

• Conduct risk and standards-based Information Security risk assessments and IT/Security audits.
• Assess control effectiveness and associated Information Security capability maturity to drive strategic and operational prioritization for Information Security and Information Technology.
• Establish audit work programs to effectively evaluate IT operations, based on best practices, regulatory requirements, and the operating environment.
• Collaborate with stakeholders from Information Technology and Information Security architecture and operations teams to translate risk into a strategic and operational roadmap for the Information Security program.
• Serve as the primary liaison with key stakeholders, third-parties, and clients to coordinate internal and external security reviews and reporting.
• Maintain compliance with third-party security controls and provide subject matter expertise and independent validation of program health and metrics to senior leadership.

Benefits

• Opportunities for professional development and career advancement.
• Supportive work environment that embraces unique perspectives and experiences.