JOB SUMMARY: Senior Manager of Governance Risk & Compliance (GRC)
We are seeking an experienced Senior Manager of Governance, Risk Management, and Compliance (GRC) to lead our efforts in maintaining compliance with various regulatory and security frameworks. This role requires a deep understanding of security, compliance, regulatory frameworks, platform management, vendor security reviews, and customer interactions. The ideal candidate will have a strong ability to collaborate across functions and provide valuable insights and leadership in enhancing our security and compliance posture.
RESPONSIBILITIES AND DUTIES: Senior Manager of Governance Risk Management Compliance (GRC)
- Lead the organization’s compliance efforts across PCI, SOC 2, FedRAMP, StateRAMP, ISO 2700x, and other frameworks.
- Coordinate with third-party auditing firms to facilitate audits and provide necessary evidence.
- Drive resolutions for audit findings through effective control implementation.
- Manage the implementation of SOC 2 and NIST frameworks to assess and enhance security maturity.
- Utilize the GRC platform for ongoing compliance monitoring and improvement.
- Collaborate with legal and security teams for data protection compliance in contracts and DPAs.
- Conduct security assessments of third-party vendors and partners.
- Respond to customer inquiries regarding security attestations and compliance.
- Foster synergy between security and compliance functions, ensuring aligned strategies and initiatives.
QUALIFICATIONS: Senior Manager of Governance Risk Management Compliance (GRC)
- Bachelor’s degree in Computer Science, Information Security, Risk Management, or related field, or equivalent work experience.
- Experience with regulatory frameworks and standards such as ISO 27001, NIST Cybersecurity Framework, or PCI DSS.
- 5+ years of experience in GRC roles with a focus on information security and technology.
- Proven track record in developing and implementing governance frameworks and compliance programs.
- Familiarity with risk assessment techniques and security controls.
- Experience with compliance audits, assessments, and Privacy Impact Assessments.
- Strong understanding of GDPR, HIPAA, and business process-related risks.
- Excellent communication skills and ability to engage with stakeholders at all levels.
- Knowledge of ISO 27001, NIST Cybersecurity Framework, or PCI DSS.
- Professional certifications like CISA, CRISC, CISSP, or CISM are highly desirable.
OPPORTUNITY DETAILS:
This role is perfect for a proactive leader dedicated to maintaining the highest standards of governance, risk management, and compliance in the ever-evolving landscape of information security. If you have the required experience and are passionate about driving compliance and security initiatives, we encourage you to apply.
ABOUT CURATE:
At Curate Partners we are committed to fostering, cultivating, and preserving a culture of diversity, equity, and inclusion. We embrace the unique contributions that each ‘Purple Squirrel’ brings to our team, regardless of their age, gender, race, ethnicity, national origin, disability status, sexual orientation, or religious belief. Our strength lies in our diversity and in our unified pursuit of innovation, excellence, and transformative success. Our environment makes all employees and consultants feel valued, included, and empowered to bring their authentic selves to work every day. Join us in our commitment to creating a diverse, inclusive, and innovative workspace where every ‘Purple Squirrel’ can thrive.
EQUAL OPPORTUNITY EMPLOYER:
Curate Partners and their clients are committed to fostering, cultivating, and preserving a culture of diversity, equity, and inclusion. We embrace the unique contributions that each ‘Purple Squirrel’ brings to our team, regardless of their age, gender, race, ethnicity, national origin, disability status, sexual orientation, or religious belief. We believe that our strength lies in our diversity and in our unified pursuit of innovation, excellence, and transformative success. We are dedicated to providing an environment where all employees and consultants feel valued, included, and empowered to bring their authentic selves to work every day. Join us in our commitment to creating a diverse, inclusive, and innovative workspace where every ‘Purple Squirrel’ can thrive.
FAQ: Senior Manager of Governance Risk Management Compliance (GRC)
- Q: What qualifications are required for the Senior Manager of GRC role?
- A: Required qualifications include a Bachelor’s degree in relevant fields, 5+ years of experience in GRC roles, familiarity with regulatory frameworks such as ISO 27001 and NIST, and professional certifications like CISA, CRISC, CISSP, or CISM.
- Q: What are the key responsibilities of the Senior Manager of GRC?
- A: Key responsibilities include leading compliance efforts across various frameworks, coordinating with auditing firms, driving resolutions for audit findings, managing security assessments of third-party vendors, and fostering synergy between security and compliance functions.