Security GRC Manager

Job Summary

A company is looking for a Security GRC Manager who will oversee and enhance the compliance program and security controls within the organization.

Key Responsibilities

• Mature the GRC strategy and manage GRC initiatives to align with business and security goals
• Lead risk management efforts, including assessments and remediation tracking, while communicating risk impacts
• Manage third-party risk through vendor evaluations, documentation reviews, and ongoing monitoring

Required Qualifications

• Expertise in HIPAA, SOC 2, and regulatory frameworks with practical experience in operationalizing controls
• Experience in vendor security reviews and ongoing third-party monitoring within a TPRM program
• Proven ability to design scalable GRC solutions that support growth and reduce friction
• Strong knowledge of cloud security, identity management, application security, and common security frameworks
• Comfortable in fast-paced, ambiguous environments, with the ability to drive progress independently