Enable job alerts via email!
GRC Manager
DriveNets
Middletown (NJ)
Remote
USD 100,000 - 130,000
Full time
Boost your interview chances
Create a job specific, tailored resume for higher success rate.
Job summary
A leading company is seeking a Governance, Risk, and Compliance (GRC) Manager to oversee their ISO 27001 program and manage vendor risks. This remote role requires strong organizational skills and the ability to engage with various stakeholders. The ideal candidate will have a proven track record in GRC and information security compliance, ensuring alignment with regulatory requirements.
Qualifications
- 5+ years of experience in GRC, information security compliance, or audit management.
- Proven track record leading ISO 27001 programs and audits.
Responsibilities
- Own and manage the company’s ISO 27001 ISMS, including policies and audits.
- Lead third-party risk management activities and vendor risk assessments.
Skills
Tools
Job description
Position: GRC Manager
#LI-Remote
US (EST Timezone), Canada - Remote Work/WFH
This is a REMOTE role *Preference given to East Coast Timezones*
Role Summary
Role Summary
We are hiring a Governance, Risk, and Compliance (GRC) Manager to lead our ISO 27001 program and oversee third-party risk management. This role is responsible for maintaining and evolving our information security management system (ISMS), managing audits, assessing vendor risks—including AI-related vendors—and ensuring alignment with regulatory and customer requirements. The ideal candidate combines strong organizational and documentation skills with the ability to engage technical and business stakeholders across the company.
Key Responsibilities
- Own and manage the company’s ISO 27001 ISMS, including policies, risk register, internal audits, and external certification readiness
- Lead third-party risk management activities, including onboarding reviews, due diligence, ongoing monitoring, and risk remediation
- Assess security and compliance risks of vendors and service providers, with specific attention to AI and SaaS vendors
- Maintain the vendor risk assessment process, criteria, and documentation aligned with ISO 27001, GDPR, and other relevant frameworks
- Coordinate with Legal, Procurement, and IT to ensure vendor contracts include appropriate security and compliance terms
- Track and manage findings, mitigation plans, and follow-up with business owners and vendors
- Drive internal compliance activities, including control assessments, evidence collection, and policy updates
- Respond to customer security questionnaires and support sales with documentation of our compliance posture
- Monitor evolving compliance, regulatory, and legal landscapes impacting our business (e.g., AI governance, data residency)
Requirements
Required Qualifications
- 5+ years of experience in GRC, information security compliance, or audit management
- Proven track record leading ISO 27001 programs, audits, and ISMS operations
- Hands-on experience in third-party/vendor risk management, including developing and applying security questionnaires
- Strong understanding of technical and operational risks in cloud-native, SaaS, and AI-enabled services
- Excellent communication and collaboration skills for engaging cross-functional teams and vendors
- Strong project management and documentation capabilities
Nice to Haves
- Experience with regulatory frameworks such as SOC 2, NIST CSF, GDPR, or CSA CCM
- Familiarity with emerging AI governance and security risks in enterprise SaaS environments
- Security certifications (e.g., CISM, CISSP, ISO 27001 Lead Implementer/Auditor, CRISC)
- Background in security operations or cloud infrastructure that informs risk evaluation of technical controls
- Experience with GRC tools and GRC automation
More About DriveNets
Based in Israel with locations in Romania, US, and Japan as well as extended teams, DriveNets operations cover more than 16 countries. With recognition by industry analysts and through numerous industry awards, DriveNets is pushing market momentum, allowing for faster service innovation from the network core to the edge. Visit our website:
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
Similar jobs
Cybersecurity GRC Manager for Technical Oversight of Software & Medical Solutions
Ascension
Remote
USD 90,000 - 130,000
Global Senior Governance, Risk, and Compliance Analyst
UGI Corporation
King of Prussia
Hybrid
USD 75,000 - 115,000
Compliance Officer - Marketing
TradeZero America
New York
On-site
USD 115,000 - 190,000
SAP Project Manager - Public Sector
Public Consulting Group
Remote
USD 115,000 - 140,000
SAP Project Manager - Public Sector
Flagship Kansas
Kansas
Remote
USD 115,000 - 140,000
job faster
