PTR Global · 18 hours ago
174073: Sr GRC Manager of Risk & Compliance
PTR Global is seeking a hands-on leader for the role of Senior Manager of Risk and Compliance. This position is responsible for the execution and operational delivery of security compliance, risk management, and audit functions, overseeing a team of compliance analysts and ensuring security controls and compliance objectives are met.
Responsibilities
Design and lead the information security risk assessment strategy, methodology, and process
Coordinate enterprise-wide information security risk assessments, including reporting and oversight of risk treatment plans
Perform internal control reviews, gap assessments, and documentation of compliance with applicable security and privacy regulations (e.g. HIPAA, SOC 2, NIST, ISO 27001)
Manage risk and compliance resources for team execution
Oversee development and maintenance of security policies, standards, and procedures aligned with leading frameworks
Support contract and vendor reviews by assessing third-party risk and advising on risk acceptance/treatment
Deliver regular reporting on metrics, KPIs, risk posture, exceptions, remediation, and audit status
Provide approved responses to client inquiries and maintain documentation and response libraries
Ensure key security controls are identified, implemented, tested, and remediated as required
Evaluate and advise on security control recommendations to mitigate information security risks
Evaluate and advise on implementation and effectiveness of security controls for compliance with laws, regulations, and policies
Collaborate with business partners, global risk management, IT risk, product and data security, and external consultants
Respond to security assessments, questionnaires, and audits from regulators, clients, and third parties
Work directly with clients to provide advisory services to reduce risk, improve security posture, and achieve compliance
Prepare reports and deliverables including strategy, technical analysis, findings, and recommendations
Perform other duties as assigned
Qualification
Required
Must have led a GRC team, not just participated in one
Bachelor's Degree (4-year) in Information Security, Information Systems, or related field
Required: CISA
5+ years management experience in Information Security with exposure to operational security, risk management, IT, compliance, and audit
5+ years experience specific to security risk management and compliance programs, processes, and execution
Ability to create workflow diagrams, system documentation, and playbooks
Strong analytical skills
Excellent written, verbal, and presentation skills
Experience with industry and regulatory standards (NIST 800-53, HIPAA, ISO 2700x, SOC 2, PCI DSS, GDPR, CCPA)
Prior experience auditing and performing audit quality control
Hands-on experience with GRC platforms and work management tools (e.g., Jira, Confluence)
Experience building cybersecurity strategies for large, complex organizations
Ability to operate independently, manage multiple priorities, and meet deadlines
Proven experience implementing cyber risk management structures, governance models, and organizational transformations
Strong expertise in five or more of the following areas: Cyber risk program management and delivery, Security architecture, Security technologies (firewalls, monitoring, IDS/IPS, malware detection), Data protection and application security/SDLC, Third-party risk management, Cloud security
Preferred
Preferred: CISSP, CRISC, CISM, or equivalent
Company
PTR Global
Engage with the largest Latina-owned IT & Professional staffing provider in the U.S.
Funding
Current Stage
Growth Stage