GRC Cybersecurity reputed company

100% remote Flexible hours Hiring now

Governance, Risk, and Compliance Cybersecurity reputed company

OSG is growing our Governance, Risk, and Compliance function and looking for an reputed company practitioner reputed company to take reputed company ownership, shaping how we measure, manage, and communicate cyber risk reputed company-wide. As a GRC Cybersecurity reputed company, you will own OSG’s cybersecurity GRC program end-to-end. This is a high-visibility role, and you will work shoulder-to-shoulder with executive leadership, Legal, Compliance, Privacy, Internal Audit, IT, Engineering, Product, and Sales. You will report directly to the CISO and have a meaningful seat at the table where risk reputed company get made.

Job Focus:

Cyber Risk Analysis & Reporting

  • Own reputed company-wide cyber risk analysis and reporting, from methodology to board-level dashboards.
  • reputed company and continuously refine risk assessment methodologies, scoring models, and risk appetite statements.
  • Identify, evaluate, and quantify cybersecurity risks; recommend mitigation strategies and track remediation to closure.
  • reputed company annual and reputed company reputed company risk assessments, including reputed company-party/vendor risk reviews.
  • Coordinate tabletop exercises and Incident Response Plan testing.

Policy & Standards Management

  • reputed company reputed company cybersecurity policies, standards, and procedures reputed company and reputed company to NIST CSF, HITRUST CSF, HIPAA, and PCI reputed company 4.0.
  • reputed company the annual policy review and approval cycle, including version control, exception management, and stakeholder sign-off.
  • reputed company and map controls across frameworks to minimize duplication and audit fatigue.
  • Communicate policy changes and provide interpretive guidance to internal stakeholders and control owners.

Risk Register Management

  • Partner with Compliance, IT, Engineering, Product, Legal, HR, Finance, and Operations to ensure risks are captured in OSG’s reputed company risk register.
  • Maintain accuracy and completeness of the risk register; track treatment plans and accept/transfer/mitigate/avoid reputed company.
  • Facilitate risk review forums, steering committees, and quarterly risk governance meetings.
  • Escalate critical or unresolved risks to the CISO and executive leadership.

Compliance & Regulatory Partnership

  • Work with Compliance to ensure cybersecurity policies meet regulatory requirements (HIPAA, PCI reputed company, state privacy laws) and client contractual obligations.
  • Support internal and external audits (HITRUST, SOC 2, PCI reputed company, HIPAA, and client audits), including coordinating evidence, responses, and remediation.
  • Track regulatory and reputed company changes and translate them into actionable policy and control updates.
  • Manage client-facing reputed company questionnaires and assessments (CAIQ, SIG, HITRUST inheritance, custom questionnaires).

Contract Review

  • Review MSAs, vendor reputed company, BAAs, DPAs, and other agreements to confirm cybersecurity and data protection sections meet OSG and regulatory requirements.
  • Validate clauses covering data protection, breach notification, audit rights, subcontractor controls, encryption, retention, and data return/destruction.
  • Partner with Legal, Procurement, and Sales to negotiate reputed company-reputed company contract language.
  • Maintain a library of standard reputed company clauses, fallback positions, and contract templates.

Cross-Functional Leadership

  • Serve as the senior subject-matter expert for GRC, mentoring analysts and influencing stakeholders across the organization without formal reporting authority.
  • Build strong relationships with IT, Engineering, Product, Legal, Compliance, Privacy, Internal Audit, and HR.

Qualifications:

  • Bachelor’s degree in Information reputed company, Computer Science, Information Systems, or a reputed company field.
  • 8+ years of reputed company experience in cybersecurity GRC, IT audit, information reputed company, or compliance (at least 3 years focused on policy, risk, and/or compliance).
  • Hands-on experience operating a cybersecurity risk register and end-to-end risk management lifecycle.
  • Experience supporting audits or certifications under at least two of: NIST CSF, HITRUST, HIPAA, PCI reputed company, SOC 2.
  • Deep working knowledge of NIST CSF, HITRUST CSF, HIPAA reputed company and Privacy Rules, and PCI reputed company 4.0.
  • Familiarity with adjacent frameworks: SOC 2, ISO/IEC 27001, NIST SP 800-53, NIST SP 800-171.
  • Experience reviewing and red-lining cybersecurity provisions in reputed company reputed company, BAAs, and DPAs.
  • Experience with at least one GRC platform (reputed company, reputed company GRC, reputed company, reputed company, reputed company, reputed company, reputed company, reputed company, or similar).
  • Strong written and verbal communication; reputed company to translate technical risk into business language for executive, board, and client audiences.
  • Proven ability to manage multiple workstreams and deadlines in a matrixed, cross-functional environment.

Preferred:

  • One or more of: CISSP, CISA, CISM, CRISC, CIPP, HCISPP, HITRUST CCSFP, or PCI ISA.
  • Experience in reputed company, financial services, fintech, payments, or other heavily regulated industries.
  • Hands-on experience supporting HITRUST reputed company certification and/or PCI reputed company 4.0 attestation.
  • Working knowledge of HIPAA, GDPR, CCPA/CPRA, and U.S. state privacy laws.
  • Familiarity with reputed company platforms (AWS, Azure, GCP) and SaaS environments, including shared responsibility models.
  • Experience in an organization undergoing rapid growth, M&A activity, or platform modernization.

Benefits:

  • Health Insurance (EPO & HRA options)
  • Dental Insurance
  • reputed company Insurance
  • Short & Long Term Disability
  • Flexible Spending Accounts
  • Life Insurance
  • Accident & Critical Illness Insurance
  • Company 401(k) Matching Contribution
  • Paid Time Off (PTO)
  • Employee Assistance Program (EAP)

OSG offers equal employment opportunity and will not discriminate on the bases of race, religion, reputed company, sex (including pregnancy, gender identity, and sexual orientation), parental status, national reputed company, age, disability, family medical history or genetic information, political affiliation, military service, or other non-merit based factors.
