Senior Manager, Governance, Risk, and Compliance

What You’ll Do

We are seeking a dedicated and experienced Senior Manager of Governance, Risk, and Compliance to join our dynamic team at DSA Cyber Security. This strategic role is pivotal in enhancing our cybersecurity framework, driving compliance with critical standards, and managing sophisticated risk assessments and policy governance.

Location: Hybrid, working onsite at our San Jose, CA headquarters 3 days a week, with the flexibility to work remotely the remainder of your time.

Job ID: 42133

Department: DSA Cyber Security

Reports To: Head of DSA Security Group

• Strategically develop, implement, and maintain a comprehensive GRC framework that aligns with global regulatory requirements, including but not limited to CPRA, CMMS, and various NIST standards.
• Lead complex vendor and third-party risk assessments with a focus on advanced threat modeling and mitigation strategist to protect organizational assets and information.
• Continuously review and enhance the organization’s information and physical security policies, ensuring they are robust, current, and compliant with international cybersecurity standards.
• Engage with senior stakeholders across the organization to integrate risk management and compliance into the corporate strategy, ensuring a cohesive approach to security and compliance.
• Collaborate with IT and cybersecurity teams to implement effective risk management practices and promote a culture of compliance across the organization.
• Mentor and develop a high-performing GRC team, fostering a culture of continuous improvement and professional excellence.
• Provide expert guidance on the interpretation and application of regulatory requirements, managing audits and investigations related to compliance issues.
• Prepare and present detailed risk and compliance reports to senior management, offering insights and strategic recommendations.

What You Bring

• Bachelor’s degree with 15+ years of relevant industry experience, or Masters with 13+ years in Information Technology, Cybersecurity, or a related field. A Master’s degree is preferred.
• Minimum of 8 years of experience in a GRC role within a cybersecurity environment, with at least 3 years in a managerial capacity.
• Profound knowledge of CPRA, CMMC, FedRAMP, NIST, and other relevant cybersecurity and privacy standards.
• Proven experience in conducting risk assessments, compliance audits, and reviewing and updating security policies.
• Strong leadership skills and the ability to manage cross-functional teams in a dynamic environment.
• Excellent communication, organizational, and analytical skills.
• Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or similar certifications strongly preferred.
• You’re inclusive, adapting your style to the situation and diverse global norms of our people.
• An avid learner, you approach challenges with curiosity and resilience, seeking data to help build understanding.
• You’re collaborative, building relationships, humbly offering support and openly welcoming approaches.
• Innovative and creative, you proactively explore new ideas and adapt quickly to change.

#LI-KD1

Last updated on Jul 25, 2024