Governance, Risk, and Compliance Manager

THE TEAM YOU WILL BE JOINING:

• A dynamic, rapidly growing digital company focused on leveraging innovation across technology and business operations.
• You will work closely with teams across the business, including technology, legal, and operations, to influence decision-making and drive improvements in security compliance.
• The company fosters a fun, energetic, and fast-paced work environment, empowering employees to excel and thrive.

• An opportunity to make a strategic impact by leading and managing key cybersecurity audits, compliance programs, and risk management processes across the organization.
• Opportunity to lead the security governance, risk management, and compliance programs that ensure the company’s cybersecurity posture aligns with industry best practices.
• The chance to take ownership of critical security processes, manage risk assessments, and lead the charge in improving cybersecurity awareness within the organization.
• As a hands-on people leader, your technical expertise will be pivotal in driving the organization’s security strategy, protecting vital data, and managing risks effectively.

• Hybrid - 3 days in office, 2 days remote
• South Charlotte

• Oversee cybersecurity audits, guiding the entire process from initial scope definition to ensuring readiness and working directly with external auditors to collect necessary evidence.
• Drive the adoption and implementation of key security compliance standards, providing actionable support to stakeholders to ensure these requirements are effectively met.
• Establish and manage the organization’s security risk management process, integrating automation, and conducting hands-on assessments to identify and mitigate security risks.
• Direct the creation and ongoing management of cybersecurity policies and standards, ensuring they align with the organization’s evolving security needs.
• Spearhead the development and execution of cybersecurity awareness initiatives, including training sessions, targeted campaigns, and simulated phishing exercises to boost security knowledge across the company.
• Proactively monitor the organization’s security compliance and identify gaps, collaborating with relevant teams to automate compliance tracking and enhance overall monitoring efforts.
• Keep detailed records of security or compliance challenges, providing insightful reports, and work with teams to develop and execute effective remediation plans.

• 5+ years of experience in technology audit, security risk management, or security compliance
• Experience with cloud infrastructure technologies and services such as AWS, GCP, and Azure, along with enterprise SaaS solutions.
• Implementation or audit compliance experience for PCI, ISO, or SOC2 in a cloud-based environment
• PCI audit experience with cloud-based / serverless technology and containers, and familiarity with deep cloud concepts is a plus
• Strong knowledge of multiple security domains and industry-standard information security practices.
• Experience with implementing and using compliance tools and automation systems.
• A Bachelor’s degree in Computer Science, MIS, or a related field, or equivalent relevant experience.
• Security-related or cloud-related certifications such as CISA, CISSP, AWS Solutions Architect, or similar are a plus.