DICK'S Sporting Goods

Senior Manager, Information Security Risk Management

full-time

Location Type: Remote

Location: United States

Salary

💰 $95,200 - $158,800 per year

About the role

  • Build and lead a high-performing GRC/risk team (analysts, engineers, control owners).
  • Own the selection, implementation, configuration, and continuous improvement of the GRC platform (e.g., ServiceNow GRC, Archer, OneTrust, LogicGate, MetricStream, similar).
  • Establish a risk-based control testing and continuous control monitoring (CCM) program.
  • Design, implement, and mature an enterprise Information Security Risk Management (ISRM) program aligned to business strategy and regulatory requirements.
  • Act as a trusted advisor to senior leaders on risk appetite, emerging risks, and investment trade-offs.
  • Coordinate audit readiness and responses (internal audit, external audit, regulatory inquiries); ensure defensible evidence management.

Requirements

  • 7–10 years of progressive experience in Information Security, Risk, or Audit, with 3–5+ years leading teams and/or owning a GRC platform.
  • Bachelor's Degree: Information Systems, Computer Science, Cybersecurity, or related; or equivalent experience.
  • Strong knowledge of risk and control frameworks and regulations: NIST CSF/800-53, ISO 27001, SOC 2, SOX/ITGC, PCI DSS, HIPAA, CIS, and data protection/privacy (e.g., GDPR, CCPA/CPRA).
  • Hands-on experience designing automated workflows, building dashboards, and integrating GRC with IT/security tooling.
  • Security or audit certifications: CISSP, CISM, CRISC, ISO 27001 Lead Implementer/Auditor, CISA.
  • Experience with risk quantification approaches (e.g., FAIR) and board-level reporting.
  • Background in cloud and modern engineering environments (AWS/Azure/GCP, DevSecOps, SaaS).

Benefits

  • Health insurance
  • 401(k) matching
  • Paid time off
  • Professional development opportunities
  • Remote work options

Applicant Tracking System Keywords

Hard Skills & Tools

Information Security, Risk Management, GRC platform implementation, Automated workflows, Dashboard building, Risk quantification, Control testing, Continuous control monitoring, Data protection, Regulatory compliance

Soft Skills

Leadership, Advisory, Communication, Team management, Strategic alignment, Audit coordination, Evidence management

Certifications

CISSP, CISM, CRISC, ISO 27001 Lead Implementer, ISO 27001 Auditor, CISA