Manager, IT & Cybersecurity GRC

Veracyte, Inc.

Manager, IT & Cybersecurity GRC at Veracyte, leading governance, risk, and compliance initiatives. Overseeing IT SOX compliance and cybersecurity governance in a regulated environment.

Posted 6/24/2026full-timeRemote • 🇺🇸 United StatesMid-LevelSenior💰 $145,000 - $155,000 per yearWebsite

Tech Stack

Tools & technologies

Cyber SecuritySDLC

About the role

Key responsibilities & impact

Lead and execute the IT SOX program, including annual scoping, risk assessments, control design, testing strategy, and deficiency remediation
Own and continuously improve the IT General Controls (ITGC) framework (Access, Change Management, Operations, SDLC) ensuring alignment with SOX and COSO standards
Serve as the primary liaison to Internal and External Audit, driving efficient audit execution and high-quality outcomes
Partner closely with Finance and Internal Audit to co-develop control narratives, risk assessments, and audit committee materials
Drive the evolution of the Enterprise Risk Management (ERM) program for IT and Cybersecurity risks, including facilitating cross-functional risk workshops and maintaining the enterprise risk register
Translate technical risks into business-relevant insights and provide clear reporting to executive stakeholders, including the CIO and Audit Committee
Lead risk lifecycle activities including risk identification, assessment, mitigation planning, and ongoing monitoring
Establish and track key risk indicators (KRIs) and key performance indicators (KPIs) to measure program effectiveness and inform decision-making
Author and maintain IT and cybersecurity policies, standards, and procedures to ensure compliance with regulatory and industry frameworks
Evaluate and integrate GRC tools, automation, and analytics to enhance control monitoring and reporting capabilities
Review and assess third-party risk through SOC1/SOC2 and other service provider assurance reports
Lead and develop a small team (or provide functional leadership), fostering growth, accountability, and high performance
Drive cross-functional initiatives and special projects that strengthen governance, risk posture, and operational resilience

Requirements

What you’ll need

6+ years of progressive experience in integrated audit, regulatory compliance, cybersecurity GRC, or risk management
Demonstrated experience owning and executing IT SOX / ITGC programs within a public company or SOX-regulated environment
Hands-on experience with risk management frameworks (COSO, NIST RMF, ISO 27001/27005 or similar)
Proven ability to lead cross-functional initiatives and drive alignment across Finance, Audit, Engineering, and Security teams
Experience managing audits and serving as a primary point of contact for auditors
Strong analytical and problem-solving skills with the ability to assess complex risks and design effective controls
Experience mentoring or leading others, with a track record of developing talent and fostering strong team engagement
Bachelor’s Degree in Accounting, Information Systems, Cybersecurity, or a related field

Benefits

Comp & perks

Competitive compensation and benefits

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

IT SOX programIT General Controls (ITGC)risk assessmentscontrol designtesting strategydeficiency remediationrisk management frameworkscybersecurity policiesGRC toolsSOC1/SOC2

Soft Skills

leadershipanalytical skillsproblem-solvingteam engagementcross-functional collaborationcommunicationmentoringaccountabilityorganizational skillsstakeholder reporting