As Director, Governance Risk and Compliance (GRC), you will be a hands-on people leader
responsible for our security governance, risk, and compliance programs in a technology-driven
organization. Partnering with our technology, business and legal teams, you will play a key role
in influencing the organization’s cybersecurity posture through assessing and driving remediation
of security risks and ensuring compliance with relevant frameworks and contracts. Your technical
expertise in security frameworks and understanding of cloud infrastructure will be crucial in
ensuring that our security posture aligns with industry best practices. This role offers the opportunity to
make strategic decisions, provide valuable recommendations, and collaborate with a broad group
of bright and energetic individuals throughout the company.
• Drive adoption of relevant security compliance requirements through thorough analysis
and prescriptive guidance
• Define and lead the security risk management process, leveraging automation and partnering
with stakeholders to perform hands-on risk assessments
• Oversee the policies and standards lifecycle process to ensure they address all relevant
cybersecurity requirements
• Define and lead cybersecurity awareness programs including annual training, topical
awareness campaigns in partnership with corporate communications, and phishing
simulations
• Proactively identify compliance gaps through continuous monitoring, working closely
with control owners to identify ways to effectively monitor compliance posture through
automation
• Oversee documentation and reporting of identified security or compliance issues and work
with control owners on remediation requirements, strategy, and execution, providing
recommendations that can be reasonably adopted
• Regularly monitor remediation activities for noted findings, and escalate remediation
plans that are at risk of being overdue
• Develop and maintain security reporting to provide real-time and on-demand compliance
status
• Maintain an up-to-date understanding of emerging trends in information security risks;
apply new techniques and trends, in line with overall information security objectives
• Establish partnerships with cross-functional teams such as IT, Legal, HR and Privacy to
ensure they understand their roles when supporting the security GRC programs
• Partner with the broader security team in establishing annual and long-term goals,
objectives, metrics, and reporting mechanisms
compliance role, with at least 2-4 years implementing or auditing compliance with key
cybersecurity standards (e.g., PCI DSS, ISO 27001, SOC2, etc.) in a cloud-first
environment
• Experienced with cloud infrastructure technologies and services (e.g., AWS, GCP, Azure)
as well as various enterprise SaaS solutions
• Functional knowledge of multiple security domains and information security industry
standards and best practices
• Experienced with the implementation and/or use of control automation and compliance
tools
• Effective in building relationships with organizational leaders and influencing senior
management
• Excellent organizational skills, proactive and self-sufficient with a proven ability to work
independently to effectively prioritize and execute tasks
• Drive, determination, and the ability to overcome roadblocks and initial objections
• Strong project management skills
• Ability to work collaboratively with multiple stakeholders across different backgrounds
and skill sets
• Strong written, verbal communication, and presentation skills.
• BS/BA in a related field (e.g., Computer Science, MIS) desirable, or equivalent relevant
experience
• Security-related or cloud-related certifications such as CISA, CISSP, AWS Solutions
Architect, etc. are a plus

We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.