Manager, IT & Cybersecurity GRC

Veracyte, Inc.

501 - 1000 employees

Founded 2013

🧬 Biotechnology

⚕️ Healthcare Insurance

💊 Pharmaceuticals

Veracyte, Inc. is a genomic diagnostics company focused on empowering clinicians with high-value molecular tests for diagnosing and treating cancer. The company provides a portfolio of genomic classifiers for various types of cancer, including thyroid, prostate, lung, breast, and bladder cancer, as well as interstitial lung disease. Veracyte's tests help clinicians and patients make informed decisions about cancer care by providing clear diagnostic and prognostic insights. The company's approach involves identifying unmet clinical needs and developing high-performance tests that are widely accessible globally through a CLIA and in vitro diagnostic-based model. Committed to elevating the standard of cancer care, Veracyte continues to expand its test portfolio and make significant contributions to the field of oncology diagnostics.

📋 Description

• Lead and execute the IT SOX program, including annual scoping, risk assessments, control design, testing strategy, and deficiency remediation
• Own and continuously improve the IT General Controls (ITGC) framework (Access, Change Management, Operations, SDLC) ensuring alignment with SOX and COSO standards
• Serve as the primary liaison to Internal and External Audit, driving efficient audit execution and high-quality outcomes
• Partner closely with Finance and Internal Audit to co-develop control narratives, risk assessments, and audit committee materials
• Drive the evolution of the Enterprise Risk Management (ERM) program for IT and Cybersecurity risks, including facilitating cross-functional risk workshops and maintaining the enterprise risk register
• Translate technical risks into business-relevant insights and provide clear reporting to executive stakeholders, including the CIO and Audit Committee
• Lead risk lifecycle activities including risk identification, assessment, mitigation planning, and ongoing monitoring
• Establish and track key risk indicators (KRIs) and key performance indicators (KPIs) to measure program effectiveness and inform decision-making
• Author and maintain IT and cybersecurity policies, standards, and procedures to ensure compliance with regulatory and industry frameworks
• Evaluate and integrate GRC tools, automation, and analytics to enhance control monitoring and reporting capabilities
• Review and assess third-party risk through SOC1/SOC2 and other service provider assurance reports
• Lead and develop a small team (or provide functional leadership), fostering growth, accountability, and high performance
• Drive cross-functional initiatives and special projects that strengthen governance, risk posture, and operational resilience

🎯 Requirements

• 6+ years of progressive experience in integrated audit, regulatory compliance, cybersecurity GRC, or risk management
• Demonstrated experience owning and executing IT SOX / ITGC programs within a public company or SOX-regulated environment
• Hands-on experience with risk management frameworks (COSO, NIST RMF, ISO 27001/27005 or similar)
• Proven ability to lead cross-functional initiatives and drive alignment across Finance, Audit, Engineering, and Security teams
• Experience managing audits and serving as a primary point of contact for auditors
• Strong analytical and problem-solving skills with the ability to assess complex risks and design effective controls
• Experience mentoring or leading others, with a track record of developing talent and fostering strong team engagement
• Bachelor’s Degree in Accounting, Information Systems, Cybersecurity, or a related field

🏖️ Benefits

• Competitive compensation and benefits
