Please contact your Administrator to change your authorization settings.
Contract-to-hire
Remote
Why We're Hiring
The Global Risk Compliance Manager is a critical position within the company. The candidate will act as the technical subject matter expert in maintaining information security compliance with applicable laws, licenses, and regulations in the regions that they do business.
What You'll Do
- Responsible for implementing and maintaining procedures and controls to assure security compliance with applicable regulatory, contractual, and legal requirements as well as good business practices
- Work closely with business, technology, and compliance counterparts to understand business objectives, initiatives, and ensure alignment with cybersecurity policies and best practices
- Lead the annual security program roadmap and status reporting on initiatives and KRIs. Create presentation materials and lead discussion for key stakeholder meetings.
- Ensure applicable standards and regulations pertinent to company are effectively implemented and act as an advisor to all managers
- Conduct analysis of new regulations that impact the information security program.
- Coordinate external reviews and/or assessments from regulators, audit firms, and client due diligence requests.
- Own the security risk register and the ongoing management of inherent and residual information security risks.
- Prepare heat maps and analytics of known risks.
- Operationalization of a metrics and reporting function to continually report on meaningful information security risk and compliance metrics for operational and executive management
- Work closely with the VAPT team
- Create and update the hardening checklist
- Conduct global training sessions regarding information security for theirinternal team
- Professional and technical certifications desired but not required such as CISM or CISSP
- Ability to reach technical and non-technical audiences across all levels of the organization.
- Must possess basic knowledge of networking, different operating system, endpoint devices and security devices
- Work experience related to information security and/or IT operational risk management is essential, across cloud and traditional IT patterns.
- Comprehension of the regulatory and legal landscape driving privacy/information security (NY DFS, GDPR, CCPA, etc.)
- Experience in leading organizations through Information Security audits and certifications (SOC 2, FedRamp, ISO, etc.)
- A solid understanding of current technology capabilities, and a keen interest in staying abreast of emerging technology trends and information security domains
- Experience in contracting, implementing, and managing security service providers.
- General information security experience and knowledge of general security concepts, such as defense-in-depth, least privilege, security architecture and design, threat modeling, etc.
- Experienced in collaborating at all levels of an enterprise
- Creativity and initiative in work product, positive and helpful attitude proposing solutions to resolve problems
- Experience with implementing and managing GRC software solutions for Information Security use cases.
- Manage end-to-end portfolio delivery in terms of schedule, cost, scope and quality; anticipate risks and issues that may arise during the delivery of the portfolio process and ensure that appropriate mitigation actions are in place
- Design, measure and assess key performance metrics to inform data-driven decisions
- Demonstrate accountability; lead people with passion, enthusiasm, loyalty and integrity
- Knowledge of business continuity framework and standards
Apply now!
Vaco values a diverse workplace and strongly encourages women, people of color, LGBTQ+ individuals, people with disabilities, members of ethnic minorities, foreign-born residents, and veterans to apply.
Vaco is an Equal Opportunity Employer and does not discriminate against any employee or applicant for employment because of race (including but not limited to traits historically associated with race such as hair texture and hair style), color, sex (includes pregnancy or related conditions), religion or creed, national origin, citizenship, age, disability, status as a veteran, union membership, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, political affiliation, or any other protected characteristics as required by federal, state or local law.
Vaco LLC and its parents, affiliates, and subsidiaries are committed to the full inclusion of all qualified individuals. As part of this commitment, Vaco LLC and its parents, affiliates, and subsidiaries will ensure that persons with disabilities are provided reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact .
Vaco also wants all applicants to know their rights that workplace discrimination is illegal.
By submitting to this position, you agree that you will be giving Vaco the exclusive right to present your as a candidate for the foregoing employment opportunity. You further agree that you have represented information about yourself accurately and have not affirmatively misrepresented your qualifications. You also agree to maintain as confidential, to the fullest extent permitted by law, any information you learn from Vaco about the position and you will limit disclosure of information about the position only to the extent necessary to perform any obligations in furtherance of your application. In exchange, Vaco agrees to exercise reasonable efforts to represent you through all solicitation, job screening and resume dispersal.
Vaco LLC and its parents, affiliates, and subsidiaries ("we," "our," or "Vaco") respects your privacy and are committed to providing transparent notice of our policies.
- California residents may access Vaco's HR Notice at Collection for California Applicants and Employees .
- Virginia residents may access our state specific policies .
- Residents of all other states may access our policies .
- Canadian residents may access our policies in English and in French .
- Residents of countries governed by GDPR may access our policies .
Determining compensation for this role (and others) at Vaco depends upon a wide array of factors including but not limited to:
- the individual's skill sets, experience and training;
- licensure and certification requirements;
- office location and other geographic considerations;
- other business and organizational needs.
With that said, as required by local law, Vaco believes that the following salary range referenced above reasonably estimates the base compensation for an individual hired into this position in geographies that require salary range disclosure. The individual may also be eligible for discretionary bonuses.