GuidePoint Security

Manager, Corporate Governance, Risk, and Compliance (GRC) - Remote (Anywhere in the U.S.)

full-time

Location: 🇺🇸 United States


Job Level

Mid-Level, Senior

Tech Stack

Cyber Security

About the role

  • Manage and lead a team of four Information Security Specialists and the processes comprising the GRC team’s portfolio of services.
  • Develop, disseminate, and maintain enterprise information security policies, standards, and procedures, and deliver the associated training program to all personnel.
  • Establish and maintain relevant security risk metrics.
  • Manage internal and external Privacy standards and initiatives.
  • Help inform and maintain the company’s Business Resilience Strategy.
  • Perform security- and privacy-centric reviews for contracts, Requests for Information (RFIs), and Requests for Proposals (RFPs).
  • Conduct risk assessments (e.g., enterprise annual, Commercial Off-the-Shelf software and supplier reviews) and recommend risk mitigation strategies.
  • Support, facilitate and manage the response to internal and external audits and assessments of GuidePoint's security program.
  • Ensure GuidePoint's suppliers align with required controls and standards through the Third-Party Risk Management process, and provide subject matter expertise in crafting the security exhibit appended to suppliers’ service agreements.

Requirements

  • Undergraduate degree in cybersecurity/computer science and five years of work experience, or eight or more years of work experience in Information Security.
  • At least 3 years’ experience in a managerial role.
  • Knowledgeable about and experienced in aligning security programs with regulatory requirements (e.g., CMMC, GDPR, HIPAA, NYSDFS) and industry security frameworks (e.g., NIST, ISO).
  • Previous experience with security and privacy control definition, design, and implementation.
  • Experience with managing internal and external compliance audits and assessments.
  • Privacy experience including fielding Data Subject requests and performing Data Privacy Impact Assessments.
  • Familiarity with reviewing, developing, monitoring, testing, and implementing contingency planning measures in support of the organization’s critical functions.
  • Excellent communication skills and demonstrated ability to engage with stakeholders at all levels, including cross-functional collaboration experience.
  • Excellent organization skills, self-directed, and self-motivated.

Preferred requirements

  • CISA, CISM, and/or CISSP certifications.
  • Experience working with Jira, Confluence, Veza, BitSight (or other supplier risk management tools).