Description:
Logistics:
- Compensation: $115-170K/yr + 10% annual bonus
- Willing to support relocation
- Hybrid on-site schedule: on site in Edgewater Park, NJ office Weds/Thurs, every other week (4x/month)
Position Overview: The Manager of Governance, Risk and Compliance (GRC) plays a critical mid-level leadership role within the Information Security function, responsible for translating strategy into operational execution across the GRC program. Reporting to the Director of GRC, this role provides daily oversight of analysts and leads, drives process maturity, and ensures consistent delivery of risk, audit, policy, and continuity efforts. The Manager of GRC helps shape the enterprise's risk posture while mentoring a high-performing team and fostering cross-functional collaboration. This role requires a deep understanding of regulatory frameworks and an ability to communicate complex risk concepts in clear, actionable terms. The ideal candidate will proactively identify control gaps, coordinate effective mitigation, and ensure security efforts remain aligned with evolving business needs.
Day-to-Day Ownership and Responsibilities:
Enterprise Cyber Risk Management:
- Lead enterprise-wide cybersecurity risk assessments across business units and IT domains.
- Own the accuracy and ongoing maintenance of the enterprise risk register, ensuring it is consistently updated and informed by stakeholder input.
- Collaborate with business and IT leaders to define and apply enterprise risk tolerance thresholds.
- Translate technical risk findings into actionable, business-relevant recommendations.
- Identify and escalate systemic risks that could materially impact operations or compliance.
- Monitor industry trends, threat intelligence, and regulatory changes to adjust risk posture.
- Deliver clear, timely risk reports and dashboards to senior leadership and governance bodies.
- Implement structured risk governance processes, including review cycles and escalation protocols.
- Implement automated GRC tools and data analytics to improve cybersecurity risk management efficiency and accuracy.
- Develop KPIs and KRIs for the security organization and maintain tactical and strategic dashboards to monitor risk and compliance efforts.
Management & Collaboration:
- Oversee GRC team operations, assigning work, setting priorities, and ensuring effective collaboration.
- Partner with senior leadership and business stakeholders to align GRC efforts with enterprise goals.
- Foster a high-performing, collaborative team culture through coaching, accountability, and career development.
Business Continuity and Disaster Recovery (BC/DR):
- Lead collaboration with IT and business leaders to identify mission-critical applications, conduct a comprehensive BIA, and define RTO/RPO and recovery procedures.
- Develop dependency mappings for critical systems with application and infrastructure teams.
- Oversee documentation of recovery procedures, including technical and business continuity procedures.
- Lead tabletop exercises and failover/failback recovery testing with IT and business users.
- Identify gaps in the BC/DR program and take ownership of remediation.
- Ensure business continuity objectives are effectively aligned with IT capabilities to support organizational resilience during disruptions.
- Contribute to recovery planning efforts and facilitate coordination among IT and business teams to ensure effective response during disruptions.
Vendor Risk Management:
- Partner with the procurement and legal teams to integrate the cybersecurity function into the overall process, mitigating supply chain risks for the company.
- Manage third-party risk processes, including assessments and reviews. Continuously identify opportunities to improve their effectiveness and efficiency.
- Escalate high-risk vendor issues to leadership and work with business stakeholders to develop and execute mitigation plans.
- Oversee monthly reporting on security assessments of AI vendors, provide expert analysis to leadership on AI-related risks and recommend strategic actions to resolve identified issues.
- Establish and manage a comprehensive set of criteria and assessment questions to support third-party risk management activities.
Managed Security Service Provider (MSSP) and Third-Party Security Incidents:
- Own the vendor incident response governance program and playbooks.
- Ensure vendors provide formal evidence of incident containment and remediation, and confirm compliance with security requirements before closing a third-party incident.
- Consolidate third-party incident and GRC-owned MSSP results into executive dashboards.
- Embed incident response obligations into contracts and procurement.
Audit and Compliance:
- Oversee internal/external audit readiness and evidence collection.
- Ensure compliance with SOX, PCI, and privacy frameworks.
- Serve as audit liaison for the GRC function.
- Act as the primary contact for internal audit and take ownership of recreating risk and compliance assessment findings.
Policy Implementation:
- Manage the policy lifecycle from creation through enforcement.
- Ensure policies align with frameworks like NIST and PCI DSS.
- Ensure the organization adheres to all relevant policies and standards.
Cybersecurity Education:
- Manage company-wide security training programs.
- Strategically identify education and awareness needs based on enterprise-wide cybersecurity threats and business priorities.
- Establish metrics to evaluate the success of training initiatives, including trends in knowledge retention, behavior changes, and overall effectiveness of the security culture.
- Oversee continuous improvement of the training curriculum, ensuring it evolves to address new threats and compliance requirements.
Job Type & Location: This is a Permanent position based out of Edgewater Park, NJ.
Pay and Benefits: The pay range for this position is $125000.00 - $170000.00/yr.
We offer the following medical coverage options, all of which have prescription drug coverage included and access to 24/7 telemedicine. The options include:
Value Plan
Basic Plan
Plus Plan
Consumer Driven Plan (CDP) with Health Savings Account (HSA)
The above plans provide access to the Aetna Choice POS II network of providers and will be referred to as our Care Coordinator options. Contact the Care Coordinators by Quantum Health for assistance finding in-network providers.
Workplace Type: This is a hybrid position in Edgewater Park, NJ.
Application Deadline: This position is anticipated to close on Jun 18, 2026.
About TEKsystems: We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.
The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
About TEKsystems and TEKsystems Global Services We're a leading provider of business and technology services. We accelerate business transformation for our customers. Our expertise in strategy, design, execution and operations unlocks business value through a range of solutions. We're a team of 80,000 strong, working with over 6,000 customers, including 80% of the Fortune 500 across North America, Europe and Asia, who partner with us for our scale, full-stack capabilities and speed. We're strategic thinkers, hands-on collaborators, helping customers capitalize on change and master the momentum of technology. We're building tomorrow by delivering business outcomes and making positive impacts in our global communities. TEKsystems and TEKsystems Global Services are Allegis Group companies. Learn more at TEKsystems.com.
San Francisco Fair Chance Ordinance: Pursuant to the San Francisco Fair Chance Ordinance, for all positions located in the city and county of San Francisco, we will consider for employment qualified applicants with arrest and conviction records.
Massachusetts Lie Detector: It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
Use of Artificial Intelligence (AI): We may use Artificial Intelligence (AI) to support parts of our hiring process, including sourcing, screening, and evaluating candidates. AI helps assess applications and qualifications, but final decisions are made by our hiring team. By applying, you acknowledge and agree that your application may be reviewed using AI tools.