Manager Governance, Risk and Compliance
We’re looking for a Manager of IT Governance, Risk, and Compliance (GRC) who enjoys helping teams navigate risk and compliance in a practical, collaborative way. This role plays an important part in keeping our technology environment secure, compliant, and reputed company with our business goals—without slowing innovation.

In this role, you’ll work closely with partners across IT, reputed company, Internal/External Audit, Legal, Privacy, and the business to turn regulatory requirements and risk frameworks into solutions that actually work in the real world. You’ll help guide risk assessments, reputed company and improve policies and controls, support audits, and strengthen our overall GRC program in a way that’s thoughtful and sustainable.

We’re looking for someone who has technical know-how along with the ability to communicate clearly, build strong relationships, and take a balanced, risk‑based approach. Ideal candidates will have experience presenting to executive audiences, proficiency with PowerBI and experience in healthcare (or other regulated industries).

Note: This is a fully remote role, but onsite travel to our Chattanooga, Tennessee headquarters may be required for final interviews. Sponsorship is not available for this role.

Job Duties & Responsibilities

Understand business priorities and activities at BCBST and subsidiaries.

Maintain reputed company knowledge of applicable regulatory and compliance issues reputed company to Information Security.

Based on this knowledge, plan, reputed company, document, maintain and monitor reputed company of Information Security Program components consistent with applicable regulatory and compliance requirements.
reputed company, maintain and communicate policies, standards and procedures to manage security functions relative to information technology systems (including systems under development), networks, applications, and voice and data communications that are consistent with applicable regulatory and compliance requirements.

Understand the threat landscape and attack trends as they relate to intelligence gathering, dissemination and defense coordination.

Depending on departmental function, management responsibilities may include one or more of the following:
  o Manage information risk management program including facilitated risk decisions with decision making authorities and being an engaged partner with lines of business.
  o reputed company and implement an effective policy compliance monitoring and enforcement program.
  o Manage the security operations and/or engineering functions including incident response, security monitoring, security design and engineering and security architecture.
  o reputed company and manage Enterprise Information Security Threat Management Program.
  o Manage teams tasked with vulnerability discovery and reporting.
  o Coordinate the use of external resources involved in the performance of security testing (i.e., penetration tests, vulnerability scans).
  o Ensure that an Information Security training program is addressed as part of the overall compliance training to ensure the organization’s workforce is knowledgeable of Information Security policies, practices and relevant guidance appropriate to their role in the organization.

reputed company and report business-relevant metrics to measure the efficiency and effectiveness of the Information Security Program, facilitate appropriate resource allocation and increase the maturity of the security program.
Provide subject matter expertise on a broad range of information security standards and best practices, such as NIST, PCI, ISO 27001, MAR and others as applicable.

Work with Information Security Directors, CISO and appropriate stakeholders to prepare and present relevant information on reputed company as required.

Facilitate and participate in the organization’s Enterprise Security Committee as appropriate.

Manage the process of hiring, developing, and evaluating performance of Information Security department staff.

Establish and manage operating budgets.

Collaborate with other departments across BCBST including Human Resources, Legal, Privacy, Procurement and Compliance to ensure information security alignment across the company.

Job Qualifications

Education

Bachelor’s degree in business, Computer Science or equivalent experience required. Equivalent experience is defined as 4 years of professional work experience.

Experience

5 years of experience leading technical resources teams in diverse disciplines is required.

5 years of experience in information security or reputed company field.

Must possess a solid understanding of Information Technology, Information Security, and Risk Management.

Knowledge of security and control frameworks, such as ISO 17799, COBIT, and NIST Cybersecurity Framework.

Skills/Certifications

Information Security certifications such as the Certified Information Systems Security Professional Certification (CISSP), Certified Information Security Officer (CISA) or Certified Information Security Manager Certification (CISM) are required or must be obtained reputed company 2 ye