
Senior Security Analyst, GRC Operations
Grainger
full-time
Location Type: Hybrid
Location: Lake Forest • Illinois • United States
Salary
💰 $95,900 - $159,800 per year
About the role
- Support the assessment and ongoing management of Grainger’s Security Governance Programs, with emphasis on Cloud, AI, and Data Governance.
- Evaluate the effectiveness of existing security governance processes, identifying current-state gaps, risks, and opportunities for improvement aligned to frameworks such as NIST and ISO 27001 and global privacy regulations (HIPAA, GDPR).
- Drive process, policy, and workflow improvements across GRC Operations, contributing to the standardization and strengthening of governance practices to improve accuracy, consistency, and operational efficiency.
- Track identified risks, issues, and remediation activities through resolution, ensuring accountability, timely follow-up, and clear communication of status, blockers, and outcomes to stakeholders.
- Help maintain key GRC artifacts, including risk, controls, metrics, dashboards, and executive-level reporting.
- Partner with cross-functional stakeholders to support compliance and regulatory requirements, including audit readiness and regulatory inquiries.
- Translate complex security, risk, and compliance concepts into clear, concise communications tailored for both technical and non-technical audiences, including senior leadership.
- Strengthen security awareness and governance communications, reinforcing accountability, risk-informed decision-making, and organizational understanding of security responsibilities.
- Maintain accurate documentation and evidence to support audits, internal reviews, and external regulatory engagements.
- Coordinate and support GRC-related initiatives and projects, including managing timelines, tracking action items, organizing deliverables, and communicating status and outcomes to stakeholders.
- Monitor emerging cybersecurity threats and social engineering trends, proactively informing governance strategies and program enhancements.
Requirements
- Bachelor’s degree or equivalent required
- 3+ years’ experience in Information Security required
- Demonstrated knowledge of cybersecurity and privacy regulations, risk management principles, and industry frameworks.
- Hands-on experience developing and maintaining metrics, KPIs, and dashboards to support governance and risk reporting.
- Experience supporting or leading security governance assessments.
- Strong written and verbal communication skills, with the ability to influence cross-functional partners and engage executive stakeholders.
- Highly organized, detail-oriented, and capable of managing multiple priorities in a dynamic environment.
- Proven ability to work independently while contributing effectively within a collaborative team environment.
- Experience in project management, including planning, prioritization, dependency tracking, and driving initiatives to completion across cross-functional teams in a dynamic environment.
- Ongoing commitment to staying informed on cybersecurity trends, threat actors, and emerging best practices.
Benefits
- Medical, dental, vision, and life insurance plans with coverage starting on day one of employment and 6 free sessions each year with a licensed therapist to support your emotional wellbeing.
- 18 paid time off (PTO) days annually for full-time employees (accrual prorated based on employment start date) and 6 company holidays per year.
- 6% company contribution to a 401(k) Retirement Savings Plan each pay period, no employee contribution required.
- Employee discounts, tuition reimbursement, student loan refinancing and free access to financial counseling, education, and tools.
- Maternity support programs, nursing benefits, and up to 14 weeks paid leave for birth parents and up to 4 weeks paid leave for non-birth parents.
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
Information Security, Cybersecurity, Data Governance, Risk Management, NIST, ISO 27001, HIPAA, GDPR, Metrics, Dashboards
Soft Skills
Written Communication, Verbal Communication, Organizational Skills, Detail-oriented, Project Management, Collaboration, Influencing, Accountability, Adaptability, Stakeholder Engagement