IS Governance, Risk and Compliance (GRC) Manager

We are seeking an IS GRC Manager to develop, deliver, and continuously improve First Quality's Information Security GRC Program. The Manager will lead the development, execution, and continuous improvement of the program, responsible for the protection of people and data within the company.

Requirements

• Bachelor's degree in Information Security, Computer Science, or related technology field.
• Minimum 7 years of experience in Information Security, IT Governance, Risk, or Compliance.
• CISSP, CISM, CRISC, or other relevant certifications preferred.
• Minimum 3 years of experience in a leadership or management role.
• Strong team leadership skills
• Experience managing audits, risk assessments, and compliance initiatives.
• Strong understanding of cybersecurity, risk management, and compliance concepts.
• Working understanding of key security technologies in IAM, endpoint protection, cloud security, networking etc.
• Strong knowledge of industry frameworks, especially NIST CSF, NIST 800-53 and NIST RMF.
• Experience with security awareness & training, policies & procedures creation, and contract reviews.
• Experience with DLP strategy formulation and tool rollouts.
• Excellent communication, negotiation, and presentation skills.
• Proven ability to work collaboratively across organizational teams.
• Familiarity with GRC and Incident Reporting tools such as OneTrust and ServiceNow.
• Experience with compliance or regulatory frameworks.

Benefits

• Attractive annual discretionary bonus
• Robust suite of employee benefits
• Annual training regarding data privacy and security
• Equal Opportunity employer