This Job Vacancy has Expired!

GRC Security Manager

Request Technology - Craig Johnson

Posted on Oct 6, 2021 by Request Technology - Craig Johnson

Chicago, IL 60601
Immediate Start
$120k - $150k Annual

*We are unable to sponsor for this permanent Full time role*

*Position is bonus eligible*

Prestigious Fortune 500 Company is currently seeking a GRC Security Manager. Candidate will be leading the Information Security Risk and Compliance team in alignment with security strategy and regulatory or legal obligations.


  • Managing and executing the security risk and compliance program in collaboration with Information Security teams and stakeholders.
  • Management, alignment, mapping, continuous improvement of internal security controls framework and control owner relationships.
  • Integration expertise of vendor risk reviews, customer engagement surveys, control exceptions, risk assessments, audit readiness coordination, or security control requirement services.
  • Subject Matter Expert to stakeholders and team in relation to the spirit of controls, associated security framework or regulation, and alignment to information security.
  • Ensuring hiring, training, staff development, performance management and annual performance reviews are aligned and effectively executed to continue to grow skills and capabilities in accordance with strategic needs.
  • Monitoring external developments that may impact overall risk profiles, including emerging threats, technological developments, regulatory changes, etc.
  • Report key operational, and program metrics designed to provide transparency of key attributes such as compliance readiness, security framework alignment, program maturity and operations.


  • Experience in managing regulatory, legal, and/or Information Security frameworks and obligations.
  • Comprehensive understanding of the spirit behind controls and their respective frameworks, regulations, or laws
  • Experience in working with control owners to establish accountability, awareness, rationale, and relevance.
  • Previous Risk Management experience preferred, with an emphasis on alignment to corporate risk appetite within the Cybersecurity discipline.
  • Three or more years of IT people management experience, preferably in Information Security
  • Written and verbal communication skills.
  • Ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels.
  • Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework.
  • Skills in financial/budget management, scheduling and resource management.

Preferred Skills:

  • A degree in Engineering, Information Technology, Computer Science, Risk Management, or Audit Practices is preferred.
  • Professional management certification in a related field such as Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials preferred
  • Experience in building, training, and developing a high-performing team.
  • Knowledge of information risk management, cybersecurity and IT compliance technologies.
  • Knowledge of relevant legal and regulatory requirements.
  • Six or more years of relevant work experience in a combination of risk management, information security and technology.

Reference: 1348481072

Set up alerts to get notified of new vacancies.

Similar Jobs

GRC Security Manager

Chicago, IL

$120k - $150k Annual