IT Governance & Risk Management Manager

About The Position

Requirements

• Bachelor's degree in Information Security, Information Technology, Risk Management, or a related field, or equivalent professional experience.
• 4+ years of progressive experience in cybersecurity, IT risk management, compliance, or governance-related roles.
• Knowledge of cybersecurity principles, technologies, and controls, including threat and vulnerability management, incident response, and security awareness.
• An understanding of our needs and delivering high-quality, prompt and efficient service to the business
• An understanding of organizational mission and goals, and application of this knowledge.
• Knowledge of methodologies and best practices in conducting risk assessments, implementing risk mitigation strategies, and monitoring risk management effectiveness.
• Work with other cybersecurity teams, such as Threat and Vulnerability, to help prioritize systems that need remediation or containment.
• Engage, identify and assess cybersecurity risks and develop appropriate risk mitigation strategies.
• Oversee programs and personnel.
• Lead teams in multiple projects.

Responsibilities

• Lead a cybersecurity GRC team, providing direction, coaching, performance feedback, and development opportunities while ensuring delivery of governance, risk, compliance, and security awareness services.
• Oversee daily process of GRC and security awareness services, ensuring the team or service providers plan, prioritize, and complete operational tasks.
• Ensure consistent application of cybersecurity policies, standards, and frameworks, validating that requirements are understood, implemented, and operationalized across the organization.
• Provide governance and decision support to partners, being the primary contact for cybersecurity risk, policy, and compliance questions across IT, Legal, Privacy, Procurement, Audit, and business teams.
• Manage third-party and customer-facing cybersecurity activities.
• Improve GRC processes and services, identifying opportunities to refine workflows, enhance tooling, improve service delivery, and mature organizational risk management capabilities.
• Manage program outcomes and metrics, including cyber risk reporting, compliance posture, audit readiness, and security awareness effectiveness; translate operational results into clear, executive level insights.

Benefits

• Comprehensive Medical benefits which could include medical, dental, vision, prescription coverage and Health Savings Account (HSA) with employer contributions options
• Wellness Programs designed to support employees in maintaining their health and well-being including Employee Assistance Program providing support for our employees and their household members
• 401(k) with Company Match Contributions to support employees' retirement
• Paid Vacations and Company Holidays
• Opportunities for Flexible Work Arrangements to promote work-life balance
• Educational Reimbursement and Comprehensive Career Programs to help employees grow in their careers
• Global Recognition and Service Programs to celebrate employee accomplishments and service
• Employee Referral Program