Security, Manager, Systems, IT, SDLC, ISO
Full Time
Want to be a part of one of the nation's fastest growing e-commerce companies? Then look no further! This high-growth startup is changing the game in men's personal care through their all-natural products. This company is looking to add a Security GRC Manager who can lead their efforts in governance, risk, and compliance responsibilities from a technology and security perspective across the organization. This individual will lead the GRC Team and will be directly responsible for implementing, maintaining, and improving policies, procedures, and internal controls to assure compliance with applicable regulatory and legal requirements, as well as best practices.
Required Skills & Experience
• Develop, maintain, and enforce Information Security policies, procedures, and standards
• Responsible for implementing and maintaining procedures and controls to assure compliance with applicable regulatory, contractual, and legal requirements as well as good business practices
• Bachelor's degree in Information Systems, Information Security, or other related discipline, or equivalent work experience
• Minimum of 8 years' experience working in Information Security GRC, with a broad understanding of a range of enterprise IT architectures (e.g., web applications, databases, operating systems, server infrastructure, mobile devices, and networking technologies)
• Understanding of security functions, including: secure change management, secure SDLC, software/application security, identity and access management, supplier security risk management, patch and vulnerability management, and security controls testing and validation
• Experience in leading change and the principles of change management
• Ability to recommend and manage the implementation of IT controls for compliance with relevant industry regulations and standards (including ISO 27001, NIST, CCPA, PCI, and SOX)
• Proven experience in assessing internal controls and communicating findings and recommendations to others clearly and accurately in non-technical terms is required
• Experience performing and managing security risk assessments against information security policies, standards, or frameworks
• Ability to translate technical information security risk findings and articulate them in business terms to non-technical stakeholders
The Offer
• Competitive Salary: Up to $150K/year, DOE
You will receive the following benefits:
• Medical Insurance & Health Savings Account (HSA)
• 401(k)
• Paid Sick Time Leave
• Pre-tax Commuter Benefit
Applicants must be currently authorized to work in the United States on a full-time basis now and in the future.