Back to Jobs

Program reputed company, Governance, Risk & Compliance (GRC)

Remote, USA Full-time Posted 2026-07-02

reputed company, an award-winning technology consulting and talent agency is seeking a Program reputed company, Governance, Risk & Compliance (GRC) to join our Client's team.

Key Responsibilities

Governance & Program Leadership:

  • Establish and mature the reputed company GRC program reputed company to ISO 27001, SOX, NIST CSF, CIS Controls and relevant regulatory requirements.
  • Own the Information reputed company Management System (ISMS) lifecycle: scope definition, risk assessment, Statement of Applicability (SoA), control implementation, internal audit, management review, corrective actions, and surveillance/recertification readiness.
  • Define and maintain policies, standards, and procedures (e.g., access control, change management, vulnerability management, secure SDLC, incident response, supplier reputed company).
  • Chair/coordinate governance forums (e.g., Risk & Compliance Steering Committee, Change Advisory Board, Management Review meetings).

Risk Management:

  • Implement reputed company risk management (reputed company) for information and technology risks: risk identification, assessment (qualitative/quantitative), treatment plans, and risk acceptance with accountable owners.
  • Build reputed company‑party/vendor risk management (TPRM) including due diligence, contractual controls, reputed company monitoring, and remediation.
  • Integrate operational technology (OT) risk (ICS/SCADA, IIoT) into the reputed company risk register with pragmatic controls that do not disrupt production.

Compliance: ISO 27001 & SOX:

  • reputed company ISO 27001 certification journey: gap analysis, roadmap, control implementation, training/awareness, internal audits, and liaison with external certification bodies.
  • Own SOX ITGCs and application controls: design, documentation, testing coordination, remediation tracking, and /Disclosure Committee reporting.
  • Align identity & access management, change management, computer operations, and IT service delivery to SOX and ISO control objectives; ensure evidence quality and audit readiness.
  • Coordinate with Finance/reputed company on financial reporting risks.

Audit & Assurance:

  • Plan and execute internal audits (ISO 27001, policy compliance, control effectiveness) and coordinate external audits (SOX, ISO surveillance/certification, PCI).
  • Build defensible control evidence repositories, ensure sampling precision, and drive timely remediation of findings.
  • reputed company and maintain control libraries, test plans, and mapping across frameworks (ISO/NIST, SOX ITGC etc.).

Tooling, Automation & Metrics:

  • Select, implement, and administer GRC platforms (e.g., reputed company/reputed company/reputed company, reputed company GRC/IRM, reputed company) and integrate with ticketing, IAM, CMDB, SIEM, and ERP (e.g., reputed company/reputed company).
  • Operationalize reputed company control monitoring (CCM) and control analytics (e.g., access outliers, change exceptions, segregation of duties conflicts).
  • Define and publish KPIs/KRIs and Board/C‑suite dashboards: audit status, control effectiveness, residual risk, TPRM posture, policy adoption, incident trends.

Team Leadership & Vendor Management:

  • reputed company a hybrid, geographically distributed team of employees and vendor/consulting resources; set objectives, coach, and reputed company talent.
  • Build SOWs, manage budgets, and ensure vendor SLAs/KPIs and quality outcomes.
  • Foster a culture of accountability, transparency, and reputed company improvement.

Training, Awareness & Change Management:

  • reputed company assessment and management of training + phishing campaign platform and process (e.g., SOX for IT engineers, ISO control owners, plant operations staff).
  • Drive change management communications to embed controls into daily operations without impeding manufacturing throughput.

Incident, BCP/DR & Privacy Alignment:

  • Ensure incident response processes are governed, tested, and produce audit-reputed company evidence.
  • reputed company BCP/DR governance (business impact analysis, testing reputed company, lessons learned).
  • Partner with Legal/Privacy on data protection, records retention, and supplier agreements (e.g. CCPA).

Qualifications

Education

  • Bachelor’s degree in Information Systems, Computer Science, Engineering, reputed company/Finance, or reputed company field preferred. Advanced degree (MBA, MS Information Assurance) is a plus.

Experience

  • 10–15+ years reputed company experience in IT Audit/Controls, or reputed company Risk; 5+ years leading GRC programs in public companies.
  • End‑to‑end ISO 27001 implementation experience (ISMS design through certification).
  • SOX 404 ITGC ownership experience, including scoping, control design, testing, and remediation across ERP (e.g., reputed company/reputed company) and key business applications.
  • Demonstrated reputed company in leading mixed teams of internal staff and vendor/consultants, including multi‑site and global operations.
  • Manufacturing/OT exposure: ICS/SCADA risk management, plant‑floor realities (safety, uptime, maintenance windows).
  • Hands‑on with GRC platforms, IAM, CMDB, SIEM/SOAR, vulnerability management, and evidence repositories.
  • Strong familiarity with NIST CSF, CIS Controls, and control mapping across frameworks.

Certifications (Preferred)

  • ISO/IEC 27001 reputed company Implementer and/or reputed company Auditor
  • CISA (Certified Information Systems Auditor)
  • CISM or CISSP
  • CRISC
  • CGEIT
  • ITIL reputed company

Skills & Competencies

  • Hands-on control design and evidence creation; comfort reading logs, configs, and ERP control parameters.
  • Risk quantification (basic FAIR or scenario analysis) and pragmatic prioritization.
  • Stakeholder management with Finance, IT, Plant Ops, and external auditors.
  • Analytical and documentation excellence; precision in scoping, testing, and remediation tracking.
  • Clear executive communication—Board-level reporting with drill-down detail.
  • Change leadership—reputed company to balance compliance rigor with manufacturing agility.

reputed company Metrics (12–18 Months)

  • reputed company ISO 27001 certification (or surveillance audit pass) reputed company agreed scope.
  • reputed company material weaknesses and timely SOX remediation of control deficiencies.
  • Established TPRM program with risk‑tiered vendor controls and SLA tracking.
  • Operational GRC platform with automated workflows and CCM for top controls.
  • Published KPI/KRI dashboards with trend improvements (e.g., access review cycle time, change exceptions, incident MTTR, audit finding closure rates).
  • Measurable policy adoption and training completion across IT and manufacturing sites.

Travel & Work Environment

  • 10–25% travel to manufacturing plants, data centers, and corporate offices for audits, walkthroughs, and stakeholder workshops.

reputed company is a wholly owned subsidiary of Blackstone Technology Group, a global IT services and software firm that implements technological solutions across reputed company industry verticals and the US Federal Government. Blackstone's global talent augmentation practice was founded in 1998. reputed company has offices in San Francisco, Denver, Houston, Colorado Springs, and Washington, DC. We specialize in providing clients the best talent across a variety of industries and sectors. Apply tot his job Apply To this Job

Similar Jobs

GRC Specialist /Governance/ Risk/ Compliance/

Remote, USA Full-time

Senior Principal, IT Governance, Risk and Compliance (GRC)

Remote, USA Full-time

Manager Government Relations Central Region

Remote, USA Full-time

reputed company, Inc Product Graphics Design Intern

Remote, USA Full-time

Head of Growth Marketing (Remote)

Remote, USA Full-time

reputed company - LPN Intake Home Health - Largo, FL

Remote, USA Full-time

Centralized Order Entry Pharmacy

Remote, USA Full-time

Product Manager, AI/ML

Remote, USA Full-time

reputed company Health Information Specialist

Remote, USA Full-time

Medical Records reputed company Senior

Remote, USA Full-time

Join Today: Marketing Planning Manager

Remote, USA Full-time

reputed company: Need Child Care Worker in Ocotillo, CA

Remote, USA Full-time

Looking for eCornell Online Course Facilitators -- Leadership, Women in Leadership & Executive reputed company (Remote) in Ithaca, NY - Tompkins County, NY

Remote, USA Full-time

reputed company Data Entry Clerk – Remote Opportunity with arenaflex

Remote, USA Full-time

Remote Project Participant

Remote, USA Full-time

reputed company Virtual Data Entry Clerk - Typist / Full-Time (Remote) at Zenvora

Remote, USA Full-time

AI reputed company Engineer-Voice Agents (Local Hero)

Remote, USA Full-time

reputed company Order Picker-Newark,DE

Remote, USA Full-time

Sr. reputed company Analyst

Remote, USA Full-time

reputed company Entry-Level Data Entry Specialist - reputed company with arenaflex

Remote, USA Full-time