Tanium

GRC Director

Tanium

full-time

Location Type: Hybrid

Location: Durham, North Carolina, United States

Salary

💰 $165,000 - $495,000 per year

About the role

  • Proactively and consistently manage Tanium’s mission-critical compliance frameworks, including ISO 27001, SOC 2 Type 2, FedRAMP, and other frameworks
  • Develop, enhance, and operationalize security, risk and privacy policies as well as associated business processes to mitigate risk and comply with applicable laws and regulations
  • Own and manage Tanium’s risk quantification and management program
  • Own and manage GRC’s role in responding to client audit and RFP/RFI requests in a timely and effective manner
  • Own and implement a vision for GRC tactics and methods which scale with Tanium’s business needs and balance efficient execution with comprehensive and repeatable processes
  • Manage, support and inspire a team of GRC professionals
  • Oversee third party technical risk assessments and related audit activity
  • Serve as a subject matter expert for information security risk management principles and practices
  • Collaborate with executives and key stakeholders across Tanium to review projects, assess business-critical systems and ensure adherence to the applicable compliance frameworks and data privacy laws
  • As necessary, perform and advise on privacy impact assessments
  • Perform internal technical risk assessments/audits
  • Proactively assess potential items of risk and opportunity
  • Promote a culture of information security across all business units
  • Understand the role of systems and technology within the firm and the value they deliver to the business
  • Stay abreast of impending changes to compliance & regulatory frameworks to guide annual planning cycles

Requirements

  • Bachelor's Degree in Computer Science, IT or other relevant degree or equivalent work experience
  • 7+ years of experience in Information Security and/or Data Privacy Compliance positions
  • Practical, hands-on expertise implementing and managing Federal compliance frameworks such as FedRAMP, CMMC, etc.
  • Deep expertise in common compliance standards, e.g. ISO 27001/27017/27018, SOC 2, NIST CSF
  • Bonus points for hands-on, practical knowledge of PCI DSS
  • Strong knowledge of the global data security regulatory environment
  • Strong knowledge of global privacy regulations and requirements (e.g. CCPA, GDPR, HIPAA, PIPEDA, UK DPA and Privacy Shield, and others)
  • Highly skilled at making analytical risk-based decisions and recommendations
  • Demonstrated ability to convey complex information in a clear and concise manner both verbally and in written form
  • Demonstrated ability to engage directly with auditors and customers and address sensitive situations
  • Demonstrated track record of managing a team of highly motivated, independent analysts/SMEs
  • Experience with Objectives and Key Results (OKRs) and/or kanban principles

Benefits

  • medical, dental and vision plan
  • family planning benefits
  • health savings account
  • flexible spending account
  • transportation savings account
  • 401(k) retirement savings plan with company match
  • life, accident and disability coverage
  • business travel accident insurance
  • employee assistance programs
  • disability insurance
  • other well-being benefits

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

ISO 27001, SOC 2, FedRAMP, CMMC, NIST CSF, PCI DSS, risk management, data privacy compliance, technical risk assessments, privacy impact assessments

Soft Skills

analytical decision-making, clear communication, team management, stakeholder collaboration, problem-solving, inspiring leadership, engagement with auditors, addressing sensitive situations, risk assessment, culture promotion

Certifications

Bachelor's Degree in Computer Science, IT certifications, ISO certifications, CISA, CISM, CRISC, CIPP, CISSP, GRC certifications, privacy certifications