Head of GRC | Compliance
I have a full-time opportunity in Midtown Manhattan with one of our top-tier investment management clients for a Head of GRC. This role will initially be an individual contributor role reporting to the CISO. Building out a GRC platform and establishing processes under the GRC umbrella will be important. This is a greenfield opportunity and candidates with established GRC experience are encouraged to apply.
This role will be 2 days onsite and 3 days remote.
This opportunity comes with a generous base salary and employee benefits plan.
Responsibilities
- Ensure compliance with global data privacy and protection regulations through the creation and maintenance of robust data handling and privacy policies.
- Identify, assess, and monitor enterprise risks, including strategic, operational, financial, privacy, and cybersecurity risks. Implement risk mitigation strategies and mechanisms to address identified risks and potential non-compliance.
- Define, develop, and oversee the implementation of the GRC strategy aligned with the company's business goals and legal requirements.
- Develop, maintain, and oversee GRC policies and procedures to ensure they are in accordance with applicable laws, regulations, and industry standards.
- Maintain a current understanding of relevant laws and regulations to ensure the organization achieves and sustains compliance. Proactively monitor and respond to regulatory changes and updates.
- Serve as the primary point of contact responding to various RFPs and client requests.
- Create comprehensive GRC reports for the executive leadership and board of directors that provide clear insights into the company's risk profile, compliance status, and governance effectiveness.
- Manage and monitor the GRC aspects of third-party relationships to ensure that vendors and partners are adhering to the company's GRC policies and relevant regulations.
- Coordinate with internal and external auditors to facilitate audits, with the goal of assuring compliance and addressing potential issues proactively.
Qualifications
- Extensive experience in Information Security working with GRC tools and methodology is a must for this job. Knowledge of laws and regulations is also a must. You will be the one building the GRC platform.
- Ability to identify, analyze, and effectively mitigate or manage enterprise risks. Familiarity with risk management frameworks and methodologies is essential.
- Strong ability to lead and manage the GRC function, develop and execute strategic plans, and guide the organization towards its GRC objectives.
- Excellent written and verbal communication skills, with the ability to present complex GRC issues and strategies clearly to various stakeholders, including the executive team and board of directors.
- Strong ability to analyze complex data, interpret compliance requirements, and develop effective solutions.
- Bachelor of Science degree in Information Security or an IT-related field, or equivalent years of experience.
Lori Sklarski
Senior Technical Recruiter
PRI Technology
P: 973.732.5454 x27
C: 973.432.9968
F: 973.732.5456
Lori.sklarski@pritechnology.com
www.pritechnology.com