Назад
Company hidden
21 час назад

Manager, Governance, Risk & Compliance (Cybersecurity)

150 000 - 170 000$
Формат работы
remote (только USA)
Тип работы
fulltime
Грейд
lead
Английский
c1
Страна
US
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Manager, Governance, Risk & Compliance (Cybersecurity): Leading security governance, risk, and compliance programs to ensure regulatory and customer trust obligations are met with an accent on audit readiness and policy operationalization. Focus on managing SOC 2, ISO 27001, GovRAMP, and PCI DSS frameworks, solving complex risk management challenges, and coordinating with cross-functional stakeholders.

Location: Remote (Must be based in the US)

Salary: $150,000–$170,000

Company

hirify.global provides a cloud-based platform of government software solutions that accelerate growth, efficiency, and transparency in communities of all sizes.

What you will do

  • Lead the GRC function across security policies, standards, risk management, and control operations.
  • Own audit readiness and compliance for SOC 2, ISO 27001, GovRAMP, PCI DSS, HIPAA, and NIST frameworks.
  • Maintain the security risk register, including identification, assessment, and executive reporting of risks.
  • Manage third-party and supply chain risk management, including vendor security reviews and due diligence.
  • Support customer security reviews, questionnaires, and trust center content.
  • Drive continuous improvement of the GRC operating model through automation and control rationalization.

Requirements

  • 6+ years of experience in security governance, risk management, compliance, or audit.
  • Must be based in the US.
  • Experience managing audits for SOC 2, ISO 27001, GovRAMP, PCI DSS, or HIPAA.
  • Strong understanding of security controls, policy management, and risk assessment practices.
  • Ability to translate complex compliance obligations into practical business and technical requirements.
  • Excellent written and verbal communication skills.

Nice to have

  • Experience in SaaS, cloud, or public-sector technology environments.
  • Relevant certifications such as CISSP, CISM, CISA, CRISC, or ISO 27001 Lead Auditor/Implementer.
  • Experience with GRC platforms, trust centers, or control automation tools.
  • Knowledge of privacy programs involving CCPA, GDPR, or HIPAA.

Culture & Benefits

  • Comprehensive medical, dental, and vision plans.
  • 401(k) retirement savings plan with company match.
  • Flexible time off and family planning benefits.
  • Health Savings Account (HSA) and Flexible Spending Account (FSA) with company contributions.
  • Commitment to diversity, equity, and inclusion to ensure a sense of belonging.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →