Pay Growth
?
out of 5
Not enough data
Not enough info to score pay or growth
Information Security GRC Lead
Job
OREGON EMPLOYMENT DEPARTMENT
Medford, OR (In Person)
Part-Time
Review key factors to help you decide if the role fits your goals.
Job Security
?
out of 5
Not enough data
Calculating job security score...
Total Score
83
out of 100
Average of individual scores
Skill Insights
Compare your current skills to what this opportunity needs—we'll show you what you already have and what could strengthen your application.
Job Description
Job Listing ID:
4485066Job Title:
Information Security GRC Lead Application Deadline:
Open Until FilledJob Location:
MedfordDate Posted:
05/02/2026Hours Worked Per Week:
Not Provided Shift:
Not Provided Duration of Job:
Either Full or Part Time, more than 6 months You may contact this employer directly. (Obtain the contact information to print or add to your jobs.)Job Summary:
Job Description Role Overview We are seeking an Information Security GRC Lead to support compliance with customer security requirements, with a primary focus on TISAX. This role requires a strong understanding of security frameworks and the ability to translate technical and regulatory requirements into clear, actionable guidance for engineers, senior stakeholders, and executive leadership. The Information Security GRC Lead will be responsible for implementing and operationalizing assurance capabilities across the organization, enabling customer trust, regulatory compliance, and enterprise-wide risk visibility. Key Responsibilities TISAX & Assurance Lead the implementation of TISAX control requirements, including documentation and evidence management. Prepare Lithia & Driveway for TISAX assessments and audit engagements. Coordinate cross-functional remediation efforts across IT, Engineering, Legal, HR, Procurement, and Compliance. Maintain ongoing assurance and maturity tracking following assessments. Track remediation actions, risk acceptance, and escalations through established governance forums. Data Governance & Risk Management Lead the development of data governance controls, standards, and assurance processes. Align security and privacy controls with regulatory requirements and customer expectations. Partner with Legal, Privacy, and Technology teams to manage data-related risks. Support the integration of KPIs, KRIs, and risk metrics into GRC dashboards. Contribute to the progression toward a scalable, mature global GRC model. We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review
Insight Global's Workforce Privacy Policy:
https://insightglobal.com/workforce-privacy-policy/. Skills and Requirements- 3 years of experience in Information Security GRC, risk management, or assurance.
- Experience working with security frameworks such as ISO, NIST, TISAX, or similar.
- Proven ability to present complex security and risk topics to senior leadership.
- Strong documentation, reporting, and stakeholder communication skills.
- Direct experience with TISAX or automotive security frameworks.
- Background in data governance, privacy, or regulatory compliance.
- Familiarity with GRC tooling (e.g., OneTrust or similar platforms).
- Audit or assurance background.