Talent.com
Security GRC Manager
Security GRC ManagerEmployment Hero • Washington, DC, US
Security GRC Manager

Security GRC Manager

Employment Hero • Washington, DC, US
[job_card.variable_days_ago]
[job_preview.job_type]
  • [job_card.full_time]
[job_card.job_description]

Employment Hero Security Grc Manager

Employment Hero is on a mission to make employment easier and more valuable for everyone. Our Employment Operating System brings hiring, HR, payroll and benefits into an all-in-one solution.

Since our inception in 2014, we've scaled to a $2 billion valuation and gained a presence in 6 countries globally - Australia, New Zealand, Singapore, Malaysia, the UK and Canada. We now service over 300,000 businesses and more than 2 million employees.

At Employment Hero, we're proud of our unique DNA, which we call The EH Way.

  • We are Mission First - everything we do (from what we work on, to how we allocate capital and where we focus) is driven by our Mission
  • We are Remote First - we champion a remote environment with a preference for asynchronous communication and a high degree of autonomy
  • We are AI First - we are committed to using AI to accelerate our mission; AI is not just a tool, it's a fundamental part of how we operate, innovate, and scale
  • We are Apolitical - we do not take a position on political or social topics, unless it relates to our Mission
  • We Live by Our Values - we role model our values 100% of the time
  • We Expect High Performance - we set a high standard and we're not satisfied with being average

As our Security GRC Manager based in Australia in a full time capacity, you'll be leading the Global Security GRC Team and will be instrumental in shaping the information security management strategy for Employment Hero, making sure we are at the forefront of information security excellence.

Your key focus areas will be

  • Leadership and Team Management - Lead and manage a team of Security GRC professionals, providing guidance, mentorship, and support in their professional development.
  • Strategic Security Planning - Develop and drive the organisation's overarching information security and GRC strategy, ensuring alignment with business objectives and proactive mitigation of security risks.
  • Governance, Risk, and Compliance Oversight - Oversee the design, implementation, and continuous improvement of security governance processes, risk management frameworks, and compliance programs to ensure robust risk mitigation and regulatory compliance (eg. ISO 27001, SOC2, etc.)
  • Auditing and Compliance Reporting Lead internal and external security audits, ensuring the organisation meets compliance requirements and deadlines. Coordinate with auditors and facilitate the audit process, addressing gaps and driving remediation efforts based on audit findings. Ensure timely preparation and management of audit documentation and evidence.
  • Policy Development and Enforcement - Establish and maintain high-level information security policies, procedures, and standards. Ensure that they are effectively enforced and aligned with industry best practices and compliance requirements.
  • Stakeholder Collaboration - Serve as the primary liaison between internal stakeholders (IT, legal, compliance, product, engineering) to ensure effective implementation of security and risk initiatives and promote a culture of security across the organisation.
  • Risk Assessment and Reporting - Lead regular risk assessments, audits, and vulnerability assessments. Provide strategic recommendations to senior leadership based on findings and industry best practices.
  • Security Incident Management - Oversee and guide the response to security incidents, ensuring rapid remediation, effective communication, and root cause analysis.
  • Training and Awareness - Foster a security-conscious culture by developing and delivering security training programs, ensuring that employees at all levels understand their role in maintaining information security.
  • Continuous Improvement and Innovation - Stay current with emerging trends in information security, governance, and compliance. Recommend and implement continuous improvements to enhance security practices and safeguard the organisation's data and assets.
  • Compliance Reporting and Audit Management - Ensure the company meets compliance requirements and audit deadlines. Prepare and manage compliance documentation, working with external auditors when necessary.

    • To thrive at Employment Hero, you'll need to embody The EH Way - operating with focus, agility, and an obsession with impact. For this role, you'll also bring

  • A degree in information technology, information security, risk management, or equivalent work experience.
  • Industry certifications such as CISSP, CISM or CISA are highly desirable
  • Leadership & Communication Skills - Proven ability to lead and manage a team, with strong consultative, written, and verbal communication skills. Ability to influence stakeholders at all levels of the organization.
  • Demonstrated knowledge and understanding of contemporary frameworks and methodologies, such as ISO 27001, NIST 800-53, SOC2
  • Excellent written, oral, and influencing skills with the ability to work autonomously.
  • A strong focus on continuous improvement, with a proven ability to challenge the status quo constructively.
  • Broad knowledge of current Governance, Risk and Compliance (GRC) technological tools and methodologies.
  • Strong consultative skills, enabling effective communication of complex concepts to both technical and non-technical audiences.
  • Meticulous attention to detail.
  • A strong desire to learn and expand knowledge in the field of information security.

    • At Employment Hero, we don't just talk about a better way to work - we live it. Joining Employment Hero means

  • You will work remotely, with the flexibility to own your time and impact
  • You will access cutting-edge tools to amplify your work, knowledge and outputs
  • You'll surround yourself with ambitious, outcome-driven colleagues who challenge you to do the best work of your life
  • You'll own ESOP (employee share options) in one of the world's fastest-growing tech companies
  • You'll also have access to a wide range of benefits that includes : a very generous paternity leave policy, subsidised egg freezing (so you can make the choice that's right for you, on your terms), a WFH office expense budget, and outstanding learning & development opportunities

    • Employment Hero celebrates diverse perspectives and experiences, we invite people of all backgrounds and identities to apply for this position.

    [job_alerts.create_a_job]

    Security Grc Manager • Washington, DC, US

    [internal_linking.related_jobs]
    Senior SAP Security Configurator – GRC & Access Control

    Senior SAP Security Configurator – GRC & Access Control

    Accenture • Washington, DC, United States
    [job_card.full_time]
    A leading technology company is seeking a SAP Application Security Configurator to support US federal agencies.The role involves managing user access, implementing security protocols, and ensuring ...[show_more]
    [last_updated.last_updated_variable_days] • [promoted]
    Lead Security Engineer

    Lead Security Engineer

    Foxhole Technology • Alexandria, VA, United States
    [job_card.full_time]
    Job Title : Lead Security Engineer.Clearance : Top Secret w / SCI eligibility.Start : Based on Contract Award.Foxhole Technology provides robust cybersecurity and IT support capabilities for federal civ...[show_more]
    [last_updated.last_updated_variable_days] • [promoted]
    GRC Lead : Governance, Risk & Controls

    GRC Lead : Governance, Risk & Controls

    FGS Global • Washington, DC, United States
    [job_card.full_time]
    A global strategic communication consultancy is seeking a Head of GRC to drive risk governance and assurance initiatives. The ideal candidate will leverage 7-10+ years of GRC experience, manage secu...[show_more]
    [last_updated.last_updated_variable_days] • [promoted]
    Contractor SAP Security Officer (CSSO)

    Contractor SAP Security Officer (CSSO)

    The Aerospace Corporation • Crystal City, VA, United States
    [job_card.full_time]
    The Aerospace Corporation is the trusted partner to the nation's space programs, solving the hardest problems and providing unmatched technical expertise. As the operator of a federally funded resea...[show_more]
    [last_updated.last_updated_30] • [promoted]
    Security Engineer (Infrastructure), Public Sector

    Security Engineer (Infrastructure), Public Sector

    Scale AI, Inc. • Washington, DC, United States
    [job_card.full_time]
    Scale is a vital part of bringing AI-enabled technologies to the world, from autonomous driving to drones, robots, and large language models. For example, Scale works with the world's top self-drivi...[show_more]
    [last_updated.last_updated_30] • [promoted]
    Lead Security Engineer - Cyber Security

    Lead Security Engineer - Cyber Security

    Relativity • Washington, DC, United States
    [job_card.full_time]
    As a Lead Cyber Security Engineer, you will ensure the security of Relativity's network and infrastructure.In this role, the main responsibilities will be to investigate and analyze emerging threat...[show_more]
    [last_updated.last_updated_30] • [promoted]
    Corporate Security Manager

    Corporate Security Manager

    OpenAI • Washington, DC, United States
    [job_card.full_time]
    The Corporate Security team is responsible for the security and protection of all OpenAI employees and executives.We are committed to creating and maintaining a secure environment that allows our t...[show_more]
    [last_updated.last_updated_variable_days] • [promoted]
    cUAS Emerging Threat & Risk Analysis Team Lead

    cUAS Emerging Threat & Risk Analysis Team Lead

    Amyx • Washington, DC, United States
    [job_card.full_time]
    The Counter-UAS Emerging Threat & Risk Analysis Team Lead will direct a team responsible for identifying, assessing, and mitigating evolving unmanned aircraft system (UAS) threats to critical infra...[show_more]
    [last_updated.last_updated_variable_days] • [promoted]
    Director, Risk Governance & Strategy (Hybrid) (Richmond, VA or Columbia, MD)

    Director, Risk Governance & Strategy (Hybrid) (Richmond, VA or Columbia, MD)

    Atlantic Union Bank • Columbia, MD, United States
    [job_card.full_time]
    The Director - Risk Governance & Strategy will ensure key Enterprise Risk Management ("ERM") processes including identification, assessment, monitoring, management, and reporting of risks appropria...[show_more]
    [last_updated.last_updated_variable_days] • [promoted]
    Unarmed Security Officer

    Unarmed Security Officer

    Diversified Protection Corporation • Columbia, MD, United States
    [job_card.full_time] +1
    The Unarmed Security Officer (SO) plays a vital role in protecting our client's premises, assets, and personnel.Officers maintain a high-visibility presence to deter illegal or inappropriate action...[show_more]
    [last_updated.last_updated_variable_days] • [promoted]
    GRC Manager

    GRC Manager

    HR Force International • Arlington, VA, US
    [job_card.full_time]
    [filters_job_card.quick_apply]
    We are seeking an experienced Governance, Risk, and Compliance (GRC) Manager with a proven background in RegTech (Regulatory Technology) and Identity Verification (IDV) to join our growing team at ...[show_more]
    [last_updated.last_updated_30]
    Sr. Manager - Network Security Engineering & Ops (Remote)

    Sr. Manager - Network Security Engineering & Ops (Remote)

    Donnelley Financial, LLC • Rockville, MD, United States
    [filters.remote]
    [job_card.full_time]
    Join a dynamic team at the pulse of global markets, where we deliver innovative software and service solutions for essential financial reporting and capital markets transactions.At DFIN, we are a v...[show_more]
    [last_updated.last_updated_30] • [promoted]
    Security Manager, Crisis Response

    Security Manager, Crisis Response

    FHI 360 • Washington, DC, United States
    [job_card.part_time]
    FHI 360 staff working in the United States are required to be fully vaccinated for COVID-19, regardless of the type of project or client they serve, or of their employment status (full / part-time, r...[show_more]
    [last_updated.last_updated_30] • [promoted]
    Endpoint Security Engineer Lead (CrowdStrike)

    Endpoint Security Engineer Lead (CrowdStrike)

    Leidos Inc • Arlington, VA, United States
    [job_card.full_time]
    Leidos has an immediate need for a lead Endpoint Security Engineer for a customer on a highly visible and strategic Cybersecurity Task Order. The Security Engineer will need to be a self-starter wit...[show_more]
    [last_updated.last_updated_variable_days] • [promoted]
    ConMon Lead

    ConMon Lead

    Leidos • Alexandria, VA, US
    [job_card.full_time]
    The ConMon Services Lead / SME will be directly engaged with DISA’s Risk Management Executive’s (RME) Continuous Monitoring program to ensure success. This role will be based onsite in Ale...[show_more]
    [last_updated.last_updated_variable_days] • [promoted]
    Network Security Engineer

    Network Security Engineer

    Office of The Chief Financial Officer • Northern Virginia, VA, United States
    [job_card.full_time]
    Government of the District of Columbia.Office of the Chief Financial Officer (OCFO).Network Security Engineer (INFOSEC).This position is located in the Office of the Chief Financial Officer (OCFO),...[show_more]
    [last_updated.last_updated_30] • [promoted]
    Manager, Governance Risk & Compliance

    Manager, Governance Risk & Compliance

    The Johns Hopkins University Applied Physics Laboratory • Laurel, MD, United States
    [job_card.full_time]
    Are you interested in being part of a forward thinking Cybersecurity program?.Are you inquisitive and analytical with expertise in Cybersecurity Governance, Risk, and Compliance?.If so, we 're look...[show_more]
    [last_updated.last_updated_30] • [promoted]
    Customs and Border Protection Officer - Experienced (GS9)

    Customs and Border Protection Officer - Experienced (GS9)

    U.S. Customs and Border Protection • Mount Airy, Maryland, US
    [job_card.permanent]
    Customs and Border Protection Officer (CBPO).Please make sure you read the following details carefully before making any applications. Customs and Border Protection (CBP) offers those interested in ...[show_more]
    [last_updated.last_updated_30] • [promoted]