Manager – Governance, Risk and Compliance (GRC)

🕒 vor 21 Tagen

🤠 Texas – Remote

🤠 Texas – Remote

⏰ Vollzeit

🟡 Mittelstufe

🟠 Senior

🚔 Compliance

🦅 H1B-Visum-Sponsor

Dieses Unternehmen hat in der Vergangenheit H1B-Visa gesponsert.

Jetzt Bewerben

Ähnliche Remote-Jobs finden

E-Mails für Remote-Jobs erhalten

📊 Überprüfen Sie Ihre Lebenslauf-Bewertung für diese Stelle

Verbessern Sie Ihre Chancen auf ein Vorstellungsgespräch, indem Sie Ihre Lebenslauf-Bewertung vor der Bewerbung überprüfen.

Lebenslauf hochladen

SpyCloud

WebsiteLinkedInAlle Stellen

51 - 200 Mitarbeiter

🔒 Cybersecurity

🔐 Sicherheit

🏢 Unternehmen

Cybersecurity • Security • Enterprise

SpyCloud ist ein Cybersicherheitsunternehmen, das sich auf den Schutz von Identitäten und Bedrohungsaufklärung spezialisiert hat. Das Unternehmen bietet Lösungen für den Schutz von Unternehmen, den Schutz vor Verbraucherisiken und Cyberkriminalitätsuntersuchungen an. Zu den Dienstleistungen von SpyCloud gehören die automatisierte Prävention von Kontoübernahmen (ATO), Nachbehandlung nach Infektionen, Prävention von Ransomware, Prävention von Sitzungsentführungen, Zuordnung von Bedrohungsakteuren, Betrugsprävention, Überwachung des Dark Web und Penetrationstests. Durch die Integration mit SIEM- und SOAR-Systemen hilft SpyCloud Organisationen, ihr Risiko durch Ransomware und andere kritische Angriffe zu reduzieren, indem es digitale Identitäten sichert. Ihre Datenpartnerschaften erweitern ihr Angebot durch den Zugang zu gestohlenen, durch Malware infizierten und gefischten Daten. SpyCloud engagiert sich dafür, Cyberkriminalität zu stören, indem es fortschrittliche Analysen einsetzt, um sowohl Mitarbeiter- als auch Verbraucher-Konten zu schützen und Bedrohungsakteure aufzudecken.

Beschreibung

• Own and manage SpyCloud’s day-to-day GRC and compliance operations across multiple frameworks, including SOC 2, ISO 27001, NIST, and CMMC 2.0. • Lead internal and external audit coordination activities, evidence collection, remediation tracking, and control validation efforts. • Maintain and improve security policies, standards, procedures, and governance documentation. • Drive ongoing compliance readiness activities and operationalize scalable compliance processes across the business. • Partner closely with Legal, Security Engineering, DevOps, and Engineering teams to ensure alignment on security and regulatory requirements. • Conduct enterprise risk assessments and facilitate ongoing risk identification, tracking, remediation, and reporting processes. • Develop and maintain risk registers and support leadership reporting on security and compliance risks. • Lead third-party/vendor risk management activities, including security reviews and vendor assessments. • Support customer trust initiatives, including security questionnaires, compliance inquiries, and due diligence requests. • Partner with DevOps and Security Engineering teams to strengthen cloud security governance across AWS and cloud-native environments. • Ensure security controls are aligned with compliance frameworks and operational best practices. • Support implementation and monitoring of governance controls related to cloud infrastructure, identity management, logging, vulnerability management, and secure development practices. • Contribute to ongoing security awareness and compliance education initiatives across the organization. • Manage and mentor direct report(s), supporting professional growth and operational excellence within the GRC function. • Collaborate with technical and non-technical stakeholders to drive accountability and operational maturity. • Help prioritize remediation efforts and compliance initiatives based on business risk and organizational goals. • Support the Senior Director of Governance, Risk and Information Security in scaling SpyCloud’s overall security governance program.

🎯 Anforderungen

• 6+ years of experience in Governance, Risk, and Compliance (GRC), Information Security, Security Compliance, or related fields. • Demonstrated hands-on experience managing operational compliance programs within SaaS, cloud, or cybersecurity environments. • Proven experience supporting and maintaining compliance frameworks such as: • SOC 2 • ISO 27001 • NIST • CMMC 2.0 • Experience leading audits, managing evidence collection, and coordinating remediation activities. • Experience with third-party/vendor risk management and enterprise risk assessment processes. • Experience working cross-functionally with Legal, Engineering, DevOps, Security, and executive stakeholders. • Bachelor's degree in Cybersecurity, Information Security, Computer Science, Business, or related field, or equivalent practical experience. • Strong understanding of security governance, compliance operations, and risk management practices. • Familiarity with cloud security concepts and governance within AWS or similar cloud environments. • Strong organizational and project management skills with the ability to manage multiple priorities simultaneously. • Excellent written and verbal communication skills. • Ability to translate compliance requirements into practical operational processes. • Strong analytical, documentation, and problem-solving skills.

🏖️ Vorteile

• 401(k) with Employer Contribution • Health, Vision, and Dental Insurance • Health Savings Account (HSA) available with Employer Contribution • Employer Paid Life, Short-term, and Long-term Disability Insurance • Generous PTO Plan and 16 paid holidays per year