Governance, Risk, and Compliance (GRC) Program Manager

About The Position

Requirements

• Strong understanding of governance, risk, and compliance principles and frameworks.
• Experience in developing and implementing GRC programs.
• Knowledge of relevant laws, regulations, and industry standards.
• Strong analytical and problem-solving skills.
• Excellent communication and interpersonal skills.
• Ability to work independently and as part of a team.
• Strong project management skills.
• Bachelor's degree in a relevant field (e.g., business, finance, information technology, or law).
• 5+ years of experience in GRC, risk management, or compliance roles.
• Certification in GRC or related fields (e.g., CISA, NIST, HITRUST, PCI) with HITRUST preferred.

Responsibilities

• Develop and maintain a robust governance framework, including policies, procedures, and standards.
• Assist with corporate governance activities, such as board meetings and shareholder communications.
• Ensure effective communication and collaboration between different departments and stakeholders.
• Identify, assess, and prioritize risks to the organization.
• Develop and implement risk mitigation strategies.
• Monitor and report on key risk indicators.
• Conduct regular risk assessments and audits.
• Ensure compliance with relevant laws, regulations, and industry standards.
• Develop and implement compliance programs and policies.
• Monitor and report on compliance performance.
• Conduct internal audits and investigations to identify compliance gaps.
• Implement and manage a GRC framework, such as NIST, HITRUST.
• Utilize GRC tools and technologies to automate processes and improve efficiency.
• Develop and maintain a GRC dashboard to track key metrics and performance indicators.
• Develop and implement an incident response plan.
• Participate in incidents and breaches.
• Conduct post-incident reviews and lessons learned.