Remote Information Security Manager - GRC

Summary

Join G-P as an Information Security Manager - GRC and take the lead in strengthening our security framework and ensuring global regulatory compliance. As an Information Security Manager - GRC, you will drive the development and implementation of our GRC program, working to protect G-P’s infrastructure and data assets.

Requirements

• Bachelor’s degree in Information Security, Computer Science, or a related field
• Industry certifications like CISSP, CISM, or CISA are preferred
• Minimum of 5 years in information security, risk management, audit, or compliance roles, with a focus on GRC programs and frameworks
• Strong understanding of global regulatory requirements, including GDPR, SOC2, ISO 27001, and familiarity with other frameworks such as NIST
• Proven experience in managing third-party risk assessments and compliance
• Excellent analytical and problem-solving skills, with an outcome-driven mindset
• Strong interpersonal skills, with the ability to engage cross-functional teams and communicate complex security concepts effectively
• Superior time-management abilities, with attention to detail and the capability to manage multiple projects

Responsibilities

• Design, implement, and maintain a comprehensive GRC framework aligned with industry standards and regulatory requirements, including ISO 27001, NIST, and GDPR
• Develop, review, and update security policies, standards, and procedures, collaborating with internal stakeholders to ensure compliance
• Conduct risk assessments, assist legal with the risk register, and provide actionable insights and reports to executive leadership on security risks
• Oversee third-party risk management, assessing vendors and partners for compliance with security standards
• Develop and coordinate incident response plans, assist in incident investigations, and lead post-incident evaluations to improve future security
• Ensure ongoing compliance with regulatory requirements, standards, and policies across global operations, performing regular audits and assessments
• Develop and deliver training programs to enhance security awareness throughout the organization
• Serve as the primary contact for internal and external audits, ensuring thorough audit preparation, coordination, and timely remediation
• Proactively identify and implement process improvements to enhance the organization’s overall security posture
• Manage and mentor a small team of GRC professionals, fostering growth and development while aligning team goals with G-P’s strategic objectives

Benefits

• Growth Opportunities: We support your development with mentorship, training, and professional growth initiatives
• Competitive Benefits: Enjoy a robust benefits package, including a competitive salary, bonus, and flexible work conditions
• Innovative Culture: Be part of a remote-first, diverse team that values innovation, creativity, and impactful contributions