Information Security Governance, Risk & Compliance (GRC) Director jobs in United States

Medtronic · 4 days ago

Information Security Governance, Risk & Compliance (GRC) Director

Medtronic is a global leader in healthcare technology, dedicated to championing healthcare access and equity. The Information Security Governance, Risk & Compliance (GRC) Director will lead the company's global security governance framework and enterprise cyber risk management program, collaborating with various departments to strengthen security posture and ensure compliance with industry regulations.

Artificial Intelligence (AI), Biotechnology, Health Care, Health Diagnostics, Medical Device
H1B Sponsor Likely

Responsibilities

Develop, manage, and continuously improve the Information Security Governance framework based on NIST 800-53, ISO 27001, and corporate risk objectives
Establish and maintain enterprise security policies, standards, and procedures in coordination with QARA, Legal, and IT
Lead the security steering committees and reporting for executive leadership and board-level governance
Own the global cyber risk management strategy, including frameworks, methodologies, risk assessments, and reporting
Partner with business units, manufacturing sites, and R&D to identify, assess, and mitigate technology and cybersecurity risks
Maintain the enterprise cyber risk register and report key risks, KRIs, and risk treatment plans to the CISO and leadership
Lead risk assessments for new products, vendors, technologies, and manufacturing systems
Ensure ongoing compliance with SOX, NIST 800-53, HIPAA, and global data protection laws
Lead cybersecurity components of internal audits and third-party assessments
Manage alignment with industry frameworks
Build and operate a controls assurance program including internal control testing, continuous monitoring, and audit preparation
Serve as the primary Information Security liaison to Internal Audit and Quality Audit
Develop and track remediation plans for audit findings, vulnerabilities, and nonconformities
Oversee third-party cybersecurity risk assessments, contract security language, and ongoing monitoring of suppliers, including global manufacturing partners
Work with Procurement and Legal to ensure supply chain cyber requirements are enforced
Lead, mentor, and develop a high-performing GRC team (policy, risk, audit, compliance, privacy alignment)
Communicate cyber risks and compliance status to executives in a clear, business-focused manner

Qualification

Information Security Governance, Cyber Risk Management, Compliance Oversight, NIST 800-53, ISO 27001, SOX Compliance, Audit Engagements, Team Leadership, Analytical Mindset, Continuous Improvement, Communication, Strategic Mindset, Cross-Functional Collaboration

Required

Requires a Bachelor's degree and a minimum of 10 years of relevant experience with 7+ years of managerial experience, or an advanced degree with a minimum of 8 years of relevant experience with 7+ years of managerial experience

Preferred

Bachelor's degree in Cybersecurity, Information Technology, Engineering, or related field
10+ years of experience in information security, with at least 5 years in a GRC leadership role
Deep understanding of NIST 800-53, NIST CSF, ISO 27001, and SOX
Experience leading enterprise risk assessments, control testing programs, and audit engagements
Demonstrated success building and managing high-performance teams
Excellent communication skills, including the ability to present complex security topics to executives and regulators
Strong leadership presence and executive communication
Strategic and analytical mindset with a risk-based approach
Ability to influence cross-functionally in a regulated environment
Strong understanding of product, manufacturing, and enterprise cybersecurity
Continuous improvement and quality-driven mindset

Benefits

Health, Dental and vision insurance
Health Savings Account
Healthcare Flexible Spending Account
Life insurance
Long-term disability leave
Dependent daycare spending account
Tuition assistance/reimbursement
Simple Steps (global well-being program)
Incentive plans
401(k) plan plus employer contribution and match
Short-term disability
Paid time off
Paid holidays
Employee Stock Purchase Plan
Employee Assistance Program
Non-qualified Retirement Plan Supplement (subject to IRS earning minimums)
Capital Accumulation Plan (available to Vice Presidents and above, or subject to IRS earning minimums)

Company

Medtronic

Medtronic is a healthcare technology company that designs and develops AI-based products and solutions for the medical industry.

H1B Sponsorship

Medtronic has a track record of offering H1B sponsorship. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for reference. (Data powered by the US Department of Labor)
Trends of Total Sponsorships
2025 (349)
2024 (387)
2023 (291)
2022 (310)
2021 (300)
2020 (261)

Funding

Current Stage
Public Company
Total Funding
$18.16B
Key Investors
NHS England, Blackstone Life Sciences, Trade Capital Funding
2025-09-15 · Post-IPO Debt · $1.76B
2024-05-29 · Post-IPO Debt · $3.24B
2023-03-23 · Post-IPO Debt · $2B

Leadership Team

Geoffrey Martha
CEO and Chairman Of The Board Of Directors
Linnea Burman
SVP & President, Neurovascular
Company data provided by crunchbase