Apply on Employer Site

MeridianLink · 3 weeks ago

Governance, Risk, and Compliance Manager

United States

Full-time

Remote

Senior Level

$95K/yr - $148K/yr

5+ years exp

MeridianLink is seeking a Governance, Risk, and Compliance Manager to oversee the strategic direction and execution of objectives within the Security and Compliance function. The GRC Manager will be responsible for creating and managing security compliance policies, conducting risk assessments, and ensuring adherence to compliance requirements to protect the company's assets and information.

BankingFinancial ServicesFinTechInformation Technology

Responsibilities

The GRC Manager will be responsible for identifying, assessing, and mitigating risk. This may include establishing risk management procedures and processes to ensure adherence to policies

Expected to specialize in developing, evaluating, and implementing compliance with programs and processes to mitigate cybersecurity risk

Responsible for ensuring protection of firm and allied assets and information. Conducts security risk assessments, compliance, and cybersecurity audits. Selects, develops, and evaluates personnel to ensure the efficient operation of the function. Managers leading teams responsible for the overall risk to an organization’s business and financial operations, processes, and structures should be matched to Risk Management

The GRC Manager will oversee the development, evaluation, and implementation of governance, risk compliance, and processes to mitigate cybersecurity risk and ensure the protection of company and allied assets and information

The role will research and interpret current and pending laws and regulations, industry standards, and customer and vendor contracts to understand and communicate compliance requirements. Consults with business and technical leadership to ensure that data, processes, and technology are designed for data protection and compliance

Expected to oversee information security risk assessments and compliance audits; direct the development and operational effectiveness of IT security controls. Monitors investigations and documentation of cybersecurity compliance issues and incidents

Reviews information security risk findings and non-compliance with business leaders and proposes solutions to mitigate risks

Qualification

GovernanceRiskComplianceCybersecurity Risk ManagementGRC PlatformsRisk Assessment ToolsCISA CertificationCISM CertificationCRISC CertificationCISSP CertificationCommunication SkillsLeadership Skills

Required

Bachelor's degree in Information Security, Business Administration, IT, or related field

5–7 years of experience in governance, risk management, and compliance

Ability to provide guidance to subordinates within the latitude of established MeridianLink policies

Ability to recommend changes to policies and establishes procedures that affect section or multiple disciplines

Ability to execute financials, business planning, organizational priorities, and workforce

Ability to follow processes and operational policies in selecting methods and techniques for obtaining solutions

Ability to develop and manages operational initiatives to deliver tactical results

Interacts frequently with subordinate supervisors, customers, and/or functional peer group professionals, involving matters between sections and multiple units

Responsible for impact partnering with key contacts outside own area of expertise and other external stakeholders

Ability to effectively communicate and present results and recommendations across discipline

Hands-on experience with GRC platforms (RSA Archer, ServiceNow GRC, MetricStream) and risk assessment tools

Experience with SOC 2 Type 2 and PCI audits