Associate Manager, Cyber Security GRC - Samsung Semiconductor, Inc. San Jose, California, United States

Listing Description

What You’ll Do
The Cyber Security Governance, Risk, and Compliance Associate Manager is responsible for assessing and documenting SSI’s compliance and risk posture as they relate to information assets. The purpose of this position is to provide highly skilled technical and information security expertise for the development and implementation of the information security risk management program and vendor risk management program. Responsibilities require leadership and project management expertise, as well as expertise to ensure effective system-wide security analysis; intrusion detection; standards and testing; risk assessment; awareness and education; and development of policies, standards and guidelines.


Location: Hybrid, working onsite at our Austin office 3 days per week with the flexibility to work remotely the remainder of your time 
Reports to: Director of Cyber Security (CISO)


Job ID: 41194



  • The candidate will assist with various GRC tasks including client due diligence, security awareness, internal audit remediation, security controls strategies, and third-party/vendor risk management.

  • Risk – Lead the development and implementation of the system-wide risk management function of the information security program to ensure information security risks are identified and monitored.

  • Risk – Internally assess, evaluate and make recommendations to management regarding the adequacy of the security controls for the information technology systems.

  • Policy/Compliance – Lead the system-wide information security compliance program, ensuring IT activities, processes, and procedures meet defined requirements, policies and regulations.

  • Policy/Compliance – Develop and implement effective and reasonable policies and practices to secure protected and sensitive data and ensure information security and compliance with relevant legislation and legal interpretation.

  • Policy/Compliance – Execute the strategy for dealing with the increasing number of audits, compliance checks and external assessment processes for internal/external auditors, NIST, SOC2, FedRAMP.

  • Policy/Compliance – Documentation review; drafting of policy, procedures and standards, certification and accreditation documents.

  • Familiarity with SOC2 and FedRAMP audit process is a plus.


 


What You Bring



  • Bachelor's degree in a technical field.

  • Master's-level education is a plus.

  • 2+ years of experience in GRC and/or project management.

  • Professional certification is Agile/Scrum master certification.

  • Project Management certification is a plus.

  • You’re inclusive, adapting your style to the situation and diverse global norms of our people.

  • An avid learner, you approach challenges with curiosity and resilience, seeking data to help build understanding.

  • You’re collaborative, building relationships, humbly offering support and openly welcoming approaches.

  • Innovative and creative, you proactively explore new ideas and adapt quickly to change.


Listing Details

  • Citizenship: Not Provided
  • Incentives: Not Provided

 

  • Education: Not Provided
  • Travel: Not Provided
  • Telework: Not Provided


