GRC and Privacy Manager Position Available In DeKalb, Georgia
Tallo's Job Summary: Robert Half is seeking an experienced GRC and Privacy Manager to oversee information security, privacy, and regulatory compliance risks. Responsibilities include conducting risk assessments, developing policies, and collaborating with auditors. Requirements include a Bachelor's degree, 5+ years of experience, and proficiency in compliance laws and regulations. Familiarity with eGRC tools and cloud environments is preferred.
Job Description
GRC and Privacy Manager
Robert Half is hiring! We are looking for an experienced GRC and Privacy Manager to oversee and manage risks associated with information security, privacy, and regulatory compliance. In this role, you will be instrumental in developing policies, assessing risks, ensuring adherence to industry standards, and implementing controls to mitigate vulnerabilities. This position requires collaboration across departments to maintain compliance and safeguard organizational assets.
Responsibilities:
- Conduct comprehensive risk assessments across the enterprise to identify and mitigate vulnerabilities related to information security and privacy.
- Develop and maintain policies, standards, and procedures to ensure compliance with industry regulations and frameworks, including FedRAMP and ISO 27001.
- Monitor and manage third-party vendor risks, escalating concerns to security management when necessary.
- Utilize tools such as Drata, Vanta, SecureFrame, and OneTrust to maintain oversight of compliance-related platforms.
- Collaborate with auditors to implement and maintain controls aligned with compliance and privacy laws.
- Research emerging threats and design effective risk mitigation strategies.
- Test and monitor privacy and security controls to ensure they are functioning as intended.
- Identify process gaps and recommend actionable solutions to improve compliance and risk management.
- Attend project and change management meetings to address security and compliance concerns.
- Map regulatory requirements to control frameworks and ensure alignment across the organization.
Requirements:
- Bachelor’s degree in information security, IT, computer science, or related technology field.
- Minimum of five years of experience in Risk, Governance, or Compliance roles.
- Strong understanding of laws, regulations, and standards related to information security and privacy.
- Excellent analytical skills to assess complex data and identify trends or discrepancies.
- Proficiency in both written and verbal communication to effectively convey compliance policies.
- Ability to stay informed on emerging technologies and industry best practices.
- Preferred experience with cloud environments such as AWS and Microsoft Azure.
- Familiarity with Governance Risk Compliance (eGRC) tools and Software-as-a-Service (SaaS) platforms.
Technology Doesn’t Change the World, People Do.®