IT Security GRC Expert, Global

Working Location:

 

PENNSYLVANIA, CENTER VALLEY

;

MASSACHUSETTS, WESTBOROUGH

Workplace Flexibility:

 Hybrid For more than 100 years, Olympus has focused on making people's lives healthier, safer and more fulfilling. ​​ ​ Every day, we live by our philosophy, True to Life, by advancing medical technologies and elevating the standard of patient care so people everywhere can fulfill their desires, dreams, and lives. ​ Our five Core Values empower us to achieve

Our Purpose:

Patient Focus, Integrity, Innovation, Impact and Empathy. Learn more about Life at

Olympus:

https://www.olympusamerica.com/careers.

Job Description The Senior IT Security GRC Analyst (Global) is responsible for the governance, oversight, and lifecycle management of IT Security risk across Olympus. This role ensures that security-related risks, controls, and obligations are identified, assessed, governed, and transparently communicated in alignment with internal policy, external regulatory requirements, and recognized industry frameworks. This position operates as a senior, globally consistent IT Security GRC role. While execution activities are distributed across regions, service providers, and technical teams, this role retains accountability for security risk governance, control framework alignment, exception management, and executive-level visibility. The role functions as a leader by default, exercising judgment, influence, and authority without requiring formal people management, and serves as a trusted partner to IT, business, security operations, architecture, privacy, and assurance functions. "The job is conducted in line with our Core Values which are: agility, empathy, long-term view, unity and integrity. Olympus is an equal opportunities employer championing a culture of equality, diversity and inclusion embedded throughout the organization and workforce."Job Duties The Senior IT Security GRC Analyst (Global) is accountable for the following core responsibility areas. Responsibilities are global in scope, with execution assigned based on regional needs, maturity, and business priorities. Establish, maintain, and operationalize IT Security governance structures aligned to Olympus policies and global standards. Ensure security-related policies, standards, and procedures are consistently interpreted and applied across regions and systems. Translate regulatory and framework requirements into actionable governance expectations for IT Security. Own the end-to-end lifecycle of IT Security risk, including identification, assessment, prioritization, treatment tracking, escalation, and reporting. Supports and escalates IT Security risk acceptance decisions in alignment with the enterprise risk management model and defined approval thresholds. Maintain and govern the IT Security risk register within approved GRC tooling. Evaluate security risks arising from systems, services, projects, third parties, and control gaps. Ensure material security risks are communicated upward in a timely and disciplined manner. Ensures material or unresolved IT Security risks are escalated and made visible in accordance with established governance processes. This role owns IT Security risk. Enterprise-wide IT risk ownership and acceptance resides with IT Assurance. Own governance of IT Security control frameworks (e.g., NIST, ISO), including control definition, mapping, and alignment to policy and regulatory requirements. Monitor and assess control effectiveness using evidence, metrics, and tool outputs. Validates security control effectiveness through evidence-based assessment methods aligned to recognized security frameworks. Govern security-related exception management, including documentation, risk evaluation, treatment tracking, and reporting. Partner with technical and operational teams responsible for control execution without assuming operational responsibility. Conduct and govern IT Security risk assessments for third-party vendors and service providers. Analyze security posture, identify control gaps, and recommend risk treatment options. Track and report third-party security risks and remediation commitments. Support secure procurement and onboarding processes through a security risk lens. Support internal and external audits by providing security-focused evidence, analysis, and responses. Coordinate security-related audit activities, timelines, and stakeholder engagement. Ensure security control obligations are traceable, defensible, and audit-ready. This role is not an audit function. Audit independence and ownership reside with IT Assurance. Interpret outputs from security and compliance tools to identify trends, risks, and control performance. Develop and maintain dashboards, KPIs, and executive-level reporting related to IT Security risk. Translate technical security data into clear business-relevant insights for executive leadership. Act as a leader and representative of IT Security GRC across global and regional stakeholders. Direct and oversee MSSP activities within defined GRC scope, ensuring alignment to governance expectations. Exercise judgment on escalation while maintaining proactive upward information sharing. Influence outcomes through collaboration, clarity, and accountability rather than hierarchy. Job Qualifications

Required:

A minimum of a Bachelor's degree in Information Security/ Technology is preferred or equivalent experience. Should hold at least one relevant and related security certification (

Ex:

CISM, CISSP, CISA, CRISC, etc.) Minimum 8 years of relevant work experience (IT Security, GRC, etc.) At least 5 years of Lead/Manager experience. Thorough Knowledge and understanding of Cybersecurity Frameworks, like ISO 27001/27002, NIST, CoBiT, BCM, ITIL, GDPR, ITAR, SOX (JSox) and IT Risk Management. Excellent oral and written communication skills in local language. Excellent oral and written communication skills in English. Why join Olympus? We offer a holistic employee experience supporting personal and professional well-being through meaningful work, equitable offerings, and a connected culture. Equitable Offerings you can count on: Competitive salaries, annual bonus and 401(k)

• with company match Comprehensive medical, dental, vision coverage effective on start date 24/7 Employee Assistance Program Free live and on-demand Wellbeing Programs Generous Paid Vacation and Sick Time Paid Parental Leave and Adoption Assistance
• 12 Paid Holidays On-Site Child Daycare, Café, Fitness Center
• Connected Culture you can embrace: Work-life integrated culture that supports an employee centric mindset Offers onsite, hybrid and field work environments Paid volunteering and charitable donation/match programs Employee Resource Groups Dedicated Training Resources and Learning & Development Programs Paid Educational Assistance
• US Only
• Center Valley, PA and Westborough, MA Are you ready to be a part of our team?

Learn more about our benefits and incentives: https://www.olympusamerica.com/careers/benefits-perks. At Olympus, we are committed to Our Purpose of making people's lives healthier, safer and more fulfilling. As a global medical technology company, we partner with healthcare professionals to provide best-in-class solutions and services for early detection, diagnosis and minimally invasive treatment, aiming to improve patient outcomes by elevating the standard of care in targeted disease states. For more than 100 years, Olympus has pursued a goal of contributing to society by producing products designed with the purpose of delivering optimal outcomes for its customers around the world. Headquartered in Tokyo, Japan, Olympus employs more than 31,000 employees worldwide in nearly 40 countries and regions. Olympus Corporation of the Americas, a wholly owned subsidiary of Olympus Corporation, is headquartered in Center Valley, Pennsylvania, USA, and employs more than 5,200 employees throughout locations in North and South America. For more information, visit www.olympusamerica.com. You Belong at Olympus We are deeply committed to fostering a respectful, fair, and welcoming workplace for all individuals, perspectives, and lifestyles. We believe in fostering a non-discriminatory, inclusive work environment where everyone feels a sense of belonging, in full compliance with legal standards. Empathy and unity are core to our company culture, empowering employees to contribute fully and flourish. We warmly encourage all who wish to bring their talents to Olympus to apply.

Applicants Requesting Accommodations:

Olympus is committed to the full inclusion of all qualified individuals. As part of this commitment, Olympus will ensure that persons with disabilities are provided reasonable accommodations for the hiring process. If reasonable accommodation is needed, please contact OCAAccommodations@olympus.com. If your disability impairs your ability to email, you may call our HR Compliance Manager at 1-888-Olympus (1-888-659-6787). Let's realize your potential, together. It is the policy of Olympus to extend equal employment and advancement opportunity to all applicants and employees without regard to race, color, national origin (including language use restrictions), citizenship status, religious creed (including dress and grooming practices), age, sex (including pregnancy, childbirth, breastfeeding, medical conditions related to pregnancy, childbirth and/or breastfeeding), gender, gender identity and expression, sexual orientation, marital status, disability (physical or mental) and/or a medical condition, genetic information, ancestry, veteran status or service in the uniformed services, and any other characteristic protected by applicable federal, state or local law.

Posting Notes:

|| United States (US) || Pennsylvania (US-PA) || Center Valley || Information Technology (IT)