Revspring - New York, NY
posted 22 days ago
Full-time
New York, NY
Administrative and Support Services
About the position
The Governance, Risk, and Compliance (GRC) Program Manager plays a critical role in safeguarding the organization's reputation and ensuring operational excellence. This position is responsible for developing and implementing a comprehensive GRC framework that aligns with industry best practices and regulatory requirements, focusing on governance, risk management, compliance, and incident response.
Responsibilities
- Develop and maintain a robust governance framework, including policies, procedures, and standards.
- Assist with corporate governance activities, such as board meetings and shareholder communications.
- Ensure effective communication and collaboration between different departments and stakeholders.
- Identify, assess, and prioritize risks to the organization.
- Develop and implement risk mitigation strategies.
- Monitor and report on key risk indicators.
- Conduct regular risk assessments and audits.
- Ensure compliance with relevant laws, regulations, and industry standards.
- Develop and implement compliance programs and policies.
- Monitor and report on compliance performance.
- Conduct internal audits and investigations to identify compliance gaps.
- Implement and manage a GRC framework, such as NIST, HITRUST.
- Utilize GRC tools and technologies to automate processes and improve efficiency.
- Develop and maintain a GRC dashboard to track key metrics and performance indicators.
- Develop and implement an incident response plan.
- Participate in incidents and breaches.
- Conduct post-incident reviews and lessons learned.
Requirements
- Strong understanding of governance, risk, and compliance principles and frameworks.
- Experience in developing and implementing GRC programs.
- Knowledge of relevant laws, regulations, and industry standards.
- Strong analytical and problem-solving skills.
- Excellent communication and interpersonal skills.
- Ability to work independently and as part of a team.
- Strong project management skills.
- Bachelor's degree in a relevant field (e.g., business, finance, information technology, or law).
- 5+ years of experience in GRC, risk management, or compliance roles.
- Certification in GRC or related fields (e.g., CISA, NIST, HITRUST, PCI) with HITRUST preferred.
