Lead Manager, Security Governance, Risk & Compliance

🕒 April 28

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Make-A-Wish America

WebsiteLinkedInAll Job Openings

1001 - 5000 employees

Founded 1980

🤲 Charity

🤝 Non-profit

Charity • Non-profit

Make-A-Wish America is a nonprofit organization that grants life-changing wishes to children with critical illnesses, providing hope, strength, and joy to patients and their families. It raises funds and coordinates volunteers and corporate partners through a national foundation and local chapters across the United States to arrange personalized wishes and support impacted families.

📋 Description

• Assist in the development, implementation, and maintenance of GRC frameworks and managing third-party risk. • Contribute to the assessment and mitigation of organizational risks. • Maintain internal policies, standards and security baselines, oriented toward compliance and regulatory standards - as well as, enforcement of secure practices. • Manage risk acceptance and policy exception processes, ingesting risks and creating tracking, reporting and accountability mechanisms. • Participate in audits of security controls and processes. • Assist with the creation and maintenance of documentation related to GRC activities, TPRM, Business Continuity Planning (BCP), Business Impact Analysis (BIA) and Disaster Recovery. • Assist in the identification of control gaps. • Contribute to the development of remediation plans. • Conduct due diligence on potential third-party vendors to evaluate their security posture, financial stability, and compliance with relevant regulations. • Assist in monitoring compliance activities. • Collaborate with various departments to integrate TPRM into vendor management processes. • Perform vendor and product risk assessments, to align vendors and products with applicable standards, policies and security baselines. • Create and maintain vendor questionnaire and Data Protection Agreements (DPA). • Vendor Responsibility Agreement, covering performance standards, security obligations, adherence to the Change Management process, training, communications, and documentation. • Assist Legal with vendor reviews and responses. • Conduct audits of third-party security controls, processes and vendor performance compliance and address and risks that arise. • Aid in the development of risk training and awareness programs. • Maintain GRC monitoring applications. • Performs other related job duties, as assigned.

🎯 Requirements

• Bachelor’s degree in Computer Science or related technology field or equivalent experience required. • 5+ years of total experience with 2+ years of hands-on experience designing, building, and supporting enterprise GRC and TPRM solutions. • Understanding of GRC concepts and frameworks (e.g., ISO 27001, NIST, Cybersecurity Framework (CSF), SOC, GDPR) • Experience: IT Compliance, IT Audit, IT Security, Cloud Security, PCI, HITRUST, HIPPA, GRC, Risk management, Risk analysis • Proficiency in Microsoft Office Suite (Word, Excel, PowerPoint). • Relevant and Current Certifications Preferred: e.g., Certified in Governance, Risk and Compliance (CGRC), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), GRC Professional (GRCP), etc. • Knowledge and experience with OneTrust Tools is preferred.

🏖️ Benefits

• Comprehensive benefit package, effective day 1: Medical, Vision*, Dental*, Wellness • Competitive compensation with annual incentive potential • Health Savings Account and Flexible Spending Account Options • Health Reimbursement Account fully funded by Make-A-Wish America • Short Term Disability*, Long Term Disability* and Life Insurance • Additional Insurance Plans: Accident, Critical Illness, Hospital Indemnity, Pet Insurance through Figo • 401(k) Retirement Savings Plan with 5% match after one year of service • Eligibility for student loan forgiveness through the Public Service Loan Forgiveness Program • The organization will send a laptop, 24” monitor, and a docking station/adaptor to new hires