Lead Manager, Security Governance, Risk & Compliance

🕒 April 28

Apply Now
Find Similar Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Logo of Make-A-Wish America

Make-A-Wish America

1001 - 5000 employees

Founded 1980

🤲 Charity

🤝 Non-profit

Charity • Non-profit

Make-A-Wish America is a nonprofit organization that grants life-changing wishes to children with critical illnesses, providing hope, strength, and joy to patients and their families. It raises funds and coordinates volunteers and corporate partners through a national foundation and local chapters across the United States to arrange personalized wishes and support impacted families.

📋 Description

• Assist in the development, implementation, and maintenance of GRC frameworks and managing third-party risk. • Contribute to the assessment and mitigation of organizational risks. • Maintain internal policies, standards and security baselines, oriented toward compliance and regulatory standards - as well as, enforcement of secure practices. • Manage risk acceptance and policy exception processes, ingesting risks and creating tracking, reporting and accountability mechanisms. • Participate in audits of security controls and processes. • Assist with the creation and maintenance of documentation related to GRC activities, TPRM, Business Continuity Planning (BCP), Business Impact Analysis (BIA) and Disaster Recovery. • Assist in the identification of control gaps. • Contribute to the development of remediation plans. • Conduct due diligence on potential third-party vendors to evaluate their security posture, financial stability, and compliance with relevant regulations. • Assist in monitoring compliance activities. • Collaborate with various departments to integrate TPRM into vendor management processes. • Perform vendor and product risk assessments, to align vendors and products with applicable standards, policies and security baselines. • Create and maintain vendor questionnaire and Data Protection Agreements (DPA). • Vendor Responsibility Agreement, covering performance standards, security obligations, adherence to the Change Management process, training, communications, and documentation. • Assist Legal with vendor reviews and responses. • Conduct audits of third-party security controls, processes and vendor performance compliance and address and risks that arise. • Aid in the development of risk training and awareness programs. • Maintain GRC monitoring applications. • Performs other related job duties, as assigned.

🎯 Requirements

• Bachelor’s degree in Computer Science or related technology field or equivalent experience required. • 5+ years of total experience with 2+ years of hands-on experience designing, building, and supporting enterprise GRC and TPRM solutions. • Understanding of GRC concepts and frameworks (e.g., ISO 27001, NIST, Cybersecurity Framework (CSF), SOC, GDPR) • Experience: IT Compliance, IT Audit, IT Security, Cloud Security, PCI, HITRUST, HIPPA, GRC, Risk management, Risk analysis • Proficiency in Microsoft Office Suite (Word, Excel, PowerPoint). • Relevant and Current Certifications Preferred: e.g., Certified in Governance, Risk and Compliance (CGRC), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), GRC Professional (GRCP), etc. • Knowledge and experience with OneTrust Tools is preferred.

🏖️ Benefits

• Comprehensive benefit package, effective day 1: Medical, Vision*, Dental*, Wellness • Competitive compensation with annual incentive potential • Health Savings Account and Flexible Spending Account Options • Health Reimbursement Account fully funded by Make-A-Wish America • Short Term Disability*, Long Term Disability* and Life Insurance • Additional Insurance Plans: Accident, Critical Illness, Hospital Indemnity, Pet Insurance through Figo • 401(k) Retirement Savings Plan with 5% match after one year of service • Eligibility for student loan forgiveness through the Public Service Loan Forgiveness Program • The organization will send a laptop, 24” monitor, and a docking station/adaptor to new hires

Apply Now

Similar Jobs

🕒 April 27

ImmunityBio, Inc.

501 - 1000

🧬 Biotechnology

⚕️ Healthcare Insurance

💊 Pharmaceuticals

Senior Security Engineer responsible for securing AI infrastructure at biopharmaceutical company. Collaborating across teams to implement security architecture and governance across AI projects.

Cloud

Kubernetes

Microservices

🕒 April 27

ImmunityBio, Inc.

501 - 1000

🧬 Biotechnology

⚕️ Healthcare Insurance

💊 Pharmaceuticals

Senior Security Engineer focusing on AI model and application security at ImmunityBio. Engage in threat modeling, security controls, and team collaboration to develop secure AI features.

🕒 April 25

ATSG

501 - 1000

🤝 B2B

🔒 Cybersecurity

🏢 Enterprise

Security Manager responsible for daily security operations workflows and incident response at XTIUM. Coordinating internal and external partners to ensure robust security measures and documentation.

🕒 April 25

Strategic Technology Partners

11 - 50

🔒 Cybersecurity

🏢 Enterprise

☁️ SaaS

ISVG Engineer responsible for designing and supporting identity governance solutions at Strategic Technology Partners. Enhancing security and compliance while managing user lifecycle processes.

Java

JavaScript

SOAP

🕒 April 25

Strategic Technology Partners

11 - 50

🔒 Cybersecurity

🏢 Enterprise

☁️ SaaS

ISVA Engineer designing and supporting secure access management solutions across the enterprise environment at Strategic Technology Partners. Strengthening authentication, authorization, and identity federation capabilities.

AWS

Azure

Cloud

Docker

Google Cloud Platform

Kubernetes

Linux

Python

Unix