VARITE INC · 2 months ago
Issues & Exceptions Management (IT Security & GRC)
VARITE INC is a premier digital technology solutions company focused on disruptive innovation. They are seeking an experienced Issues & Exceptions Management professional to manage risk exceptions, track control issues, and drive remediation activities across the IT security landscape.
Information Technology & Services
Responsibilities
Lead the Issues & Exceptions Management lifecycle—including logging, tracking, reviewing, and closure of control deficiencies and risk acceptances across security, infrastructure, and application domains
Collaborate with Risk Owners, Control Owners, and Business Stakeholders to assess impact, define compensating controls, and ensure timely resolution
Serve as the governance lead for exception handling, supporting risk-based decision-making, and facilitating periodic risk reviews
Ensure audit readiness and alignment with internal and external compliance requirements (e.g., SOX, ISO 27001, NIST CSF)
Work closely with the GRC team to enhance issue tracking platforms and improve reporting metrics and dashboards (ServiceNow GRC or similar)
Facilitate root cause analysis, control redesign, and action plan definition for recurring issues
Drive strategic program improvements in the Issues & Exceptions process, integrating best practices, tooling automation, and data governance
Monitor and report key risk and compliance indicators (KRI/KCI) related to open exceptions, overdue issues, and policy deviations
Qualifications
Required
7–12 years of professional experience in IT Risk, Information Security, or GRC functions with a focus on Issues and Exceptions Management
Proven expertise in governance processes, policy management, and risk treatment plans
Strong understanding of IT controls, risk assessment methodologies, and frameworks like NIST, ISO, COBIT, SOC 2, and SOX
Experience in managing strategic program changes, including exception governance models, stakeholder training, and communication plans
Hands-on experience with GRC platforms such as ServiceNow GRC, Archer, or MetricStream
Excellent communication skills with the ability to engage technical and non-technical stakeholders
Strong analytical skills and attention to detail in issue documentation and remediation tracking
Preferred
Professional certifications such as CISA, CRISC, CISSP, CGEIT, or equivalent
Experience managing security exceptions and remediation in cloud environments (AWS, Azure, GCP)
Familiarity with automated issue tracking and reporting mechanisms, including KRIs and control metrics
Background in regulated industries (e.g., Financial Services, Healthcare, Insurance, or Energy)
Prior experience in audit response, control testing, or internal audit coordination
Benefits
Candidate Referral program