Security & GRC Manager

Overview

Hybrid
Depends on Experience
Full Time
25% Travel

Skills

GRC
IAM
Security
SOC

Job Details

Responsibilities:

  • Develop and implement security governance, risk management, and compliance (GRC) strategies, policies, and procedures in line with industry standards and regulations
  • Monitor and assess potential security risks and vulnerabilities, and develop mitigation plans to prevent and address potential threats
  • Collaborate with cross-functional teams to ensure security requirements are integrated into all stages of product development and deployment
  • Manage and maintain security compliance certifications and audits, ensuring timely completion and accuracy of all required documentation
  • Stay updated on industry best practices and regulations related to security and GRC, and make recommendations for improvements to existing processes and procedures
  • Conduct regular security trainings and awareness programs for employees to promote a culture of security and compliance
  • Lead incident response efforts in case of security breaches or incidents, and provide post-incident analysis and recommendations for future prevention
  • Manage relationships with external auditors, regulators, and other stakeholders to ensure compliance with all applicable security standards and regulations
  • Communicate regularly with senior management and other stakeholders to provide updates on security and compliance initiatives and address any concerns or issues
  • Stay informed about emerging security technologies and trends, and make recommendations for their adoption if relevant to the organization's security strategy
  • Supervise and mentor junior team members, providing guidance and support in their professional development
  • Collaborate with sales and marketing teams to communicate the organization's security and compliance measures to potential and existing customers
  • Participate in customer meetings and presentations to address any security or compliance inquiries
  • Maintain and continuously improve the organization's security incident response plan
  • Conduct regular internal audits and risk assessments to ensure ongoing compliance and identify any potential areas for improvement

Qualifications:

  • 10+ years of experience in the information security leadership, GRC, and product security spaces
  • 7+ years of experience in leading and managing security teams (offshore & onsite)
  • Proven track record of building and implementing successful security programs including SOC
  • Proven knowledge of IT GRC frameworks such as COBIT, ISO 27001, NIST, etc.
  • Experience building and operating a security incident response program
  • Ability to build meaningful partnerships across diverse geographies and cultures
  • Strong understanding of product security best practices and industry standards
  • Excellent communication, presentation, and interpersonal skills
  • Ability to work effectively in a global environment, and experience with international customers
  • Strong analytical and problem-solving skills