Lead Manager, Security Governance, Risk & Compliance

🕒 Abril 28

Candidatar-se

Encontrar Vagas Remotas Similares

Receber Emails de Vagas Remotas

📊 Verifique sua pontuação de currículo para esta vaga

Melhore suas chances de conseguir uma entrevista verificando sua pontuação de currículo antes de se candidatar.

Enviar Currículo

Make-A-Wish America

SiteLinkedInTodas as Vagas

1001 - 5000 funcionários

Fundada em 1980

🤲 Filantropia

🤝 Sem Fins Lucrativos

Charity • Non-profit

Make-A-Wish America é uma organização sem fins lucrativos que realiza desejos transformadores para crianças com doenças graves, proporcionando esperança, força e alegria aos pacientes e suas famílias. A organização arrecada fundos e coordena voluntários e parceiros corporativos por meio de uma fundação nacional e capítulos locais em todo os Estados Unidos para organizar desejos personalizados e dar apoio às famílias impactadas.

Descrição

• Assist in the development, implementation, and maintenance of GRC frameworks and managing third-party risk. • Contribute to the assessment and mitigation of organizational risks. • Maintain internal policies, standards and security baselines, oriented toward compliance and regulatory standards - as well as, enforcement of secure practices. • Manage risk acceptance and policy exception processes, ingesting risks and creating tracking, reporting and accountability mechanisms. • Participate in audits of security controls and processes. • Assist with the creation and maintenance of documentation related to GRC activities, TPRM, Business Continuity Planning (BCP), Business Impact Analysis (BIA) and Disaster Recovery. • Assist in the identification of control gaps. • Contribute to the development of remediation plans. • Conduct due diligence on potential third-party vendors to evaluate their security posture, financial stability, and compliance with relevant regulations. • Assist in monitoring compliance activities. • Collaborate with various departments to integrate TPRM into vendor management processes. • Perform vendor and product risk assessments, to align vendors and products with applicable standards, policies and security baselines. • Create and maintain vendor questionnaire and Data Protection Agreements (DPA). • Vendor Responsibility Agreement, covering performance standards, security obligations, adherence to the Change Management process, training, communications, and documentation. • Assist Legal with vendor reviews and responses. • Conduct audits of third-party security controls, processes and vendor performance compliance and address and risks that arise. • Aid in the development of risk training and awareness programs. • Maintain GRC monitoring applications. • Performs other related job duties, as assigned.

🎯 Requisitos

• Bachelor’s degree in Computer Science or related technology field or equivalent experience required. • 5+ years of total experience with 2+ years of hands-on experience designing, building, and supporting enterprise GRC and TPRM solutions. • Understanding of GRC concepts and frameworks (e.g., ISO 27001, NIST, Cybersecurity Framework (CSF), SOC, GDPR) • Experience: IT Compliance, IT Audit, IT Security, Cloud Security, PCI, HITRUST, HIPPA, GRC, Risk management, Risk analysis • Proficiency in Microsoft Office Suite (Word, Excel, PowerPoint). • Relevant and Current Certifications Preferred: e.g., Certified in Governance, Risk and Compliance (CGRC), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), GRC Professional (GRCP), etc. • Knowledge and experience with OneTrust Tools is preferred.

🏖️ Benefícios

• Comprehensive benefit package, effective day 1: Medical, Vision*, Dental*, Wellness • Competitive compensation with annual incentive potential • Health Savings Account and Flexible Spending Account Options • Health Reimbursement Account fully funded by Make-A-Wish America • Short Term Disability*, Long Term Disability* and Life Insurance • Additional Insurance Plans: Accident, Critical Illness, Hospital Indemnity, Pet Insurance through Figo • 401(k) Retirement Savings Plan with 5% match after one year of service • Eligibility for student loan forgiveness through the Public Service Loan Forgiveness Program • The organization will send a laptop, 24” monitor, and a docking station/adaptor to new hires