Information Security GRC Manager

3 hours, 4 minutes ago
Full-time
Lead
Cybersecurity
ClearCapital.com

Clear Capital is a real estate valuation technology company that provides valuation services, data and analytics tools, and a full suite of appraisal services. They offer intelligent valuation solutions for properties nationwide, serving the mortgage a...

Real Estate
1-10

Description

  • Manage and mentor a team of GRC Security Analysts, providing direction and supporting professional development.
  • Oversee the security risk assessment process, including identifying, analyzing, and documenting risks across the organization and its third parties.
  • Lead the development, enforcement, and communication of security policies and control frameworks aligned to regulations and standards such as NIST, ISO, GDPR, and GLBA.
  • Develop, implement, and maintain security policies and controls for the safe and ethical use of AI systems.
  • Serve as the primary operational liaison for internal and external audits, including evidence collection, finding remediation, and audit readiness.
  • Support the third-party risk management program by reviewing vendors and business partners to reduce external risk.
  • Facilitate IT compliance activities and monitor the operational effectiveness of technical and general IT controls.
  • Partner with business and technical teams to ensure security controls are in place during the onboarding of new systems and solutions.
  • Define, track, and report qualitative and quantitative metrics to measure security program maturity and success.
  • Support incident response and disaster recovery efforts by applying GRC documentation and controls to resiliency programs.
  • Maintain data protection practices through data classification, data loss prevention, and records retention requirements.
  • Manage information security training requirements, including role-based training across the organization.

Requirements

  • 7+ years of experience in cybersecurity with a focus on governance, compliance, risk management, or audit.
  • 3+ years of experience managing or leading a distributed or hybrid team.
  • Expert-level understanding of regulatory frameworks and standards including NIST, ISO, GDPR, and GLBA.
  • Proven ability to manage GRC-related projects and work with cross-functional stakeholders to deliver on time and within scope.
  • Strong technical acumen in cloud security, DevOps, and application security across AWS, GCP, or Azure.
  • Exceptional written and verbal communication skills for communicating risk and compliance requirements to technical and business audiences.
  • Experience defining metrics, preparing management reports, and improving processes using GRC tools.
  • Preferred experience conducting tabletop exercises for business continuity.
  • Bachelor’s degree in computer science, information assurance, MIS, or a related technical field, or equivalent practical experience.
  • Holding or actively working toward CISSP, CISM, CISA, CRISC, or CGCG certifications.

Benefits

  • Base salary of $150,000 to $200,000 annually, depending on location, experience, and qualifications.
  • Company profit-sharing bonus program, communication stipends, and referral bonuses.
  • Comprehensive medical, dental, and company-paid vision insurance.
  • 401(k) retirement plan with employer match.
  • Paid time off and paid holidays.
  • Employee assistance and wellness programs.
  • Company-paid short-term disability coverage and company contributions to health savings funds with eligible HDHP participation.
  • Access to Galileo for virtual primary care and Rula for virtual mental health resources.
  • Career and skill development resources to support professional growth.


