This Job Vacancy has Expired!

Manager of Information Security GRC

Request Technology - Robyn Honquest

Posted on Sep 22, 2021 by Request Technology - Robyn Honquest

Chicago, IL 60601
IT
Immediate Start
$140k - $150k Annual
Full-Time


NO SPONSORSHIP

Manager of Information Security GRC

SALARY: $140k - $150k Flex plus 15% Bonus

You will manage 4-5 people over all Security, Risk and Compliance. ISO 27001, ITIL, 800-53, COBIT, NIST.

Responsibilities:

  • Leading the Information Security Risk and Compliance team in alignment with security strategy and regulatory or legal obligations.
  • Managing and executing the security risk and compliance program in collaboration with Information Security teams and stakeholders.
  • Management, alignment, mapping, and continuous improvement of the internal security controls framework and control owner relationships.
  • Expertise in integrating vendor risk reviews, customer engagement surveys, control exceptions, risk assessments, audit readiness coordination, or security control requirement services.
  • Serving as Subject Matter Expert to stakeholders and the team on the spirit of controls, the associated security framework or regulation, and alignment to information security.
  • Ensuring hiring, training, staff development, performance management and annual performance reviews are aligned and effectively executed to continue to grow skills and capabilities in accordance with Grainger's strategic needs.
  • Monitoring external developments that may impact overall risk profiles, including emerging threats, technological developments, regulatory changes, etc.
  • Reporting key operational and program metrics designed to provide transparency into key attributes such as compliance readiness, security framework alignment, program maturity and operations.

Preferred Education & Experience:

  • Experience in managing regulatory, legal, and/or Information Security frameworks and obligations.
  • Comprehensive understanding of the spirit behind controls and their respective frameworks, regulations, or laws.
  • Experience in working with control owners to establish accountability, awareness, rationale, and relevance.
  • Previous Risk Management experience preferred, with an emphasis on alignment to corporate risk appetite within the Cybersecurity discipline.
  • Three or more years of IT people management experience, preferably in Information Security.
  • Written and verbal communication skills.
  • Ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels.
  • Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL and COBIT, as well as those from NIST, including 800-53 and the Cybersecurity Framework.
  • Skills in financial/budget management, scheduling and resource management.



Reference: 1330160679
