Manager, Information Security & GRC

Visier gives organizations a Workforce AI Edge: a set of AI-powered capabilities that help leaders understand the relationship between people and work, elevate the productivity of their employees, and win by adapting to change faster. We're a global leader in AI-powered people analytics, workforce planning, and compensation management solutions. All Visier technology is underpinned by its Real-time People Data Platform, which uses AI to unlock the business-transforming potential of people data, work data, and the fusion of both.

Founded in 2010 by the pioneers of business intelligence, Visier has over 60k customers in 75 countries - including enterprises like BASF, Panasonic, Experian, Amgen, eBay, Ford Motor Company, and more.

As our Manager, Information Security & GRC, you will be the architect and cornerstone of our integrated risk management and internal security programs. You will be responsible for safeguarding our corporate assets, data, and employees by developing and maturing our Governance, Risk, and Compliance (GRC) framework. This strategic leadership role requires a unique blend of technical security expertise and a deep understanding of business processes. You will not only manage our security posture but also ensure the entire organization makes risk-informed decisions aligned with our strategic objectives.

• Develop and enforce security policies and procedures, establishing clear guidelines for everything from data handling to acceptable technology use.
• Implement and manage data protection and privacy measures to ensure compliance with relevant regulations.
• Align the security program with our overall GRC strategy, ensuring a unified controls framework that efficiently meets multiple compliance and governance requirements (e.g., ISO 27001, SOC 2, GDPR).
• Lead the incident response process, from initial detection and containment to eradication and recovery.
• Establish and manage the Enterprise Risk Management (ERM) program, including defining the corporate risk appetite, conducting risk assessments, and maintaining a central risk register.
• Educate employees on current threats and best practices to foster a company-wide security-conscious culture.
• Manage vendor and third-party risk, ensuring all external partners meet our security standards.
• Collaborate closely with IT and other departments to ensure security is seamlessly integrated into all corporate systems and processes.

• 8-10 years of relevant experience combined with +1 year of team management.
• Cloud Security Expertise: Deep knowledge of securing cloud environments like AWS, Azure, or GCP.
• Regulatory and Compliance Acumen: In-depth understanding of the laws, regulations, and standards relevant to the organization's industry and geographic locations.
• Network Security: A strong understanding of firewalls, intrusion detection/prevention systems, and secure network architecture.
• Identity and Access Management (IAM): Proficiency with Single Sign-On (SSO) and Multi-Factor Authentication (MFA).
• Endpoint Security: Experience protecting employee devices and servers from threats.
• Audit Management: Proficiency in managing both internal and external audits, from planning and evidence gathering to responding to findings and tracking remediation.
• Vulnerability Management: The ability to identify, assess, and remediate vulnerabilities in corporate systems.
• Leadership and Communication: You can clearly articulate complex security concepts to both technical and non-technical audiences, influencing stakeholders across the organization.
• Strategic Thinking: The ability to align security initiatives with broader business objectives.
• Problem-Solving: The capacity to remain calm under pressure and make critical decisions during a security incident.

• Professional certifications such as CISSP, CISM, or similar.

Visier is committed to creating a diverse and inclusive workplace to ensure every employee feels a sense of belonging and is connected to their work, their team and Visier. It is imperative that we take every opportunity to measure, track and advance this commitment. Building a diverse and inclusive workplace is essential to the success of Visier and the well-being of our employees. The information you provide helps make our diversity data actionable.

The information you provide is voluntary and only what you feel comfortable with. Your decision to respond or not, will in no way impact your eligibility for employment.

Learn more about Visier’s Candidate Privacy Notice here.