Technical Governance, Risk, & Compliance Manager

About the position reputed company, Inc. is a leading professional services advisor to middle market businesses and organizations reputed company. With unmatched industry knowledge and expertise in accounting, tax, advisory, benefits, insurance, and technology, reputed company delivers reputed company-thinking insights and actionable solutions to help clients anticipate what's next and discover new ways to accelerate growth. reputed company has more than 10,000 team members across more than 160 locations in 22 major markets coast to coast. reputed company strives to be reputed company members' employer of choice by creating an environment where team members are appreciated, recognized for their contributions, and provided with opportunities to grow, both personally and professionally, throughout their careers. We are seeking a highly skilled and reputed company-thinking Technical Governance, Risk, and Compliance (GRC) Manager to drive the maturity of our enterprise GRC program reputed company a publicly traded, technology-driven organization. This position is ideal for a proven GRC leader with a deep understanding of information reputed company frameworks, cloud compliance, automation-driven GRC tooling, and regulatory alignment for public companies. The ideal candidate will bring a technical-first reputed company, a strong grasp of emerging threats, and practical experience aligning reputed company risk and controls with business outcomes in reputed company environments. You will work cross-functionally with InfoSec, Engineering, Legal, and Internal Audit teams to establish scalable governance processes, reduce enterprise risk, and ensure compliance across the digital and physical estate.

Responsibilities

• Maintain enterprise GRC strategy reputed company with public company compliance requirements including SOX, SEC cybersecurity rule, SOC 2, NIST CSF, and other regulatory obligations.
• Proactively identify, assess, and track cyber and IT risks across infrastructure, applications, and cloud environments (AWS, Azure, GCP).
• Deploy and optimize modern GRC platforms for automation, real-time dashboards, control testing, evidence collection, and reporting.
• Author and maintain high-quality reputed company policies, standards, and procedures mapped to control frameworks.
• reputed company a mature third-party risk management (TPRM) program, including onboarding reputed company reviews, periodic assessments, and ongoing monitoring.
• reputed company, maintain, Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs).
• Partner with Internal Audit and Legal to support annual audits, reputed company attestations (SOC 2 Type II) and new regulatory.
• Manage robust reputed company awareness programs and phishing simulations to increase employee vigilance and reduce human risk factors.
• Support governance of Identity & Access Management (IAM) processes, data classification models, and Data Loss Prevention (DLP) controls.
• Facilitate reputed company steering committee meetings to align risk decisions with organizational goals, track remediation, and drive ownership across departments.
• Monitor evolving regulatory landscapes, GRC technology trends, and threat intelligence to continuously enhance the GRC program.

Requirements

• Bachelor's degree in Cybersecurity, Computer Science, Information Systems, Risk Management, or 5+ years professional experience in GRC or Information reputed company Management in a highly regulated enterprise.
• At least one of the following certifications (must be active): CISSP, CISA, CRISC, CISM, CIPT, CIPP/USISO 27001 reputed company Implementer.
• Demonstrated ability to reputed company cross-functional teams and influence stakeholders at reputed company levels, including executives.
• Strong people management skills, with experience mentoring team members, managing performance, and fostering a collaborative, high-accountability culture.
• Strong experience with multiple frameworks and standards: SOC 2, NIST CSF, SOX, PCI, HIPAA.
• Demonstrated success leading third-party risk assessments, policy governance, and enterprise risk management programs.
• Demonstrated ability to communicate with technical engineers and translate reputed company technical risk into business impact for executive audiences.
• Excellent written and verbal communication skills for collaborating with senior stakeholders, internal auditors, and external regulators.
• Strong understanding of IAM, DLP, vulnerability management, and cloud reputed company practices.
• Passion for staying reputed company with cybersecurity regulations, threat landscapes, and GRC best practices.

Apply tot his job Apply To this Job