Information Security GRC Manager

Job Summary

To lead the governance, risk, and compliance (GRC) program, the full-time Information Security GRC Manager will oversee enterprise risk management, compliance initiatives, and provide actionable insights on security posture, with a hybrid work arrangement available in Dallas, TX or Akron, OH, and remote options open.

Key responsibilities:

• Develop and maintain the enterprise information security governance framework and lead cross-functional governance forums
• Conduct enterprise-wide risk assessments and define, track, and report on Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs)
• Plan and execute compliance assessments and serve as the primary liaison for external auditors

Required qualifications:

• Bachelor's degree in Information Security, Cybersecurity, Computer Science, Business, or related field (Master's preferred)
• 10+ years of experience in information security, IT risk, or compliance
• 2-3+ years of hands-on experience in a GRC-focused role
• Strong knowledge of frameworks and standards (e.g., NIST, ISO 27001, COBIT)
• Experience managing audits and working with external regulators or assessors