Lead Manager, Security Governance, Risk & Compliance

Make-A-Wish

Completely RemoteFull TimeInformation Technology
Posted Today

Job description

Responsibilities

  • Assist in the development, implementation, and maintenance of GRC frameworks and managing third-party risk
  • Contribute to the assessment and mitigation of organizational risks
  • Maintain internal policies, standards, and security baselines
  • Manage risk acceptance and policy exception processes
  • Participate in audits of security controls and processes
  • Assist with the creation and maintenance of documentation related to GRC, TPRM, BCP, BIA, and Disaster Recovery
  • Conduct due diligence on potential third-party vendors to evaluate security posture and compliance
  • Perform vendor and product risk assessments
  • Create and maintain vendor questionnaires and Data Protection Agreements (DPA)
  • Aid in the development of risk training and awareness programs
  • Maintain GRC monitoring applications

Requirements

  • Bachelor’s degree in Computer Science or related technology field or equivalent experience
  • 5+ years of total experience
  • 2+ years of hands-on experience designing, building, and supporting enterprise GRC and TPRM solutions
  • Understanding of GRC concepts and frameworks (e.g., ISO 27001, NIST, CSF, SOC, GDPR)
  • Experience in IT Compliance, IT Audit, IT Security, Cloud Security, PCI, HITRUST, or HIPAA
  • Proficiency in Microsoft Office Suite

Preferred Qualifications

  • Relevant certifications such as CGRC, CRISC, CISA, or GRCP
  • Knowledge and experience with OneTrust Tools

Benefits

  • Comprehensive medical, vision, and dental coverage effective day 1
  • 401(k) with 5% match after one year
  • Paid time off, sick days, and paid holidays
  • Parental leave and volunteer days
  • Laptop, monitor, and docking station provided

About the Company

Make-A-Wish is the world’s largest wish-granting organization, dedicated to uniting communities to grant life-changing wishes for eligible children.

Skills & tools

ComplianceAuditRisk Management

What the team is looking for

Use this list as a quick fit check before you apply.

  1. 01Bachelor's degree in Computer Science or related field
  2. 025+ years of total experience
  3. 032+ years of GRC and TPRM experience
  4. 04Knowledge of NIST, ISO 27001, and GDPR
ScoutJobsAd

Wake up to a shortlist, not a search results page.

ScoutJobs scores every new listing against your CV, salary floor and visa. A handful of real matches by morning.

Get your daily matches