Security GRC Manager managing audits and compliance programs at Salesforce. Overseeing cloud security compliance and collaborating across departments for risk management.
Responsibilities
Manage and improve internal control environments, ensuring continuous alignment with applicable regulations and industry best practices.
Act as a senior liaison for external auditors, assessors, and internal stakeholders during audits and assessments.
Oversee the implementation and monitoring of corrective actions and risk mitigation efforts.
Develop and maintain compliance documentation, policies, and procedures.
Provide compliance training and awareness to relevant business units.
Track compliance metrics, drive remediation efforts, and communicate risks and progress to senior leadership.
Requirements
6–8 years of relevant experience in information security compliance, risk management, or audit.
Deep knowledge of security standards and regulatory frameworks (e.g., ISO 27001, SOC 2, HIPAA, PCI, ISMAP, IRAP, etc.).
Experience managing compliance audits and interacting with external assessors or regulators.
Strong understanding of IT and security controls, particularly in cloud environments.
Good communication and stakeholder management skills.
Ability to translate regulatory requirements into actionable technical and process-oriented controls.
Relevant certifications (e.g., CISA, CISSP, CRISC, ISO Lead Auditor) are nice to have.
Prior experience working with GRC tools and automation platforms is nice to have.
Strategic mindset with the technical ability to translate compliance goals into engineering solutions is nice to have.
Passion for global compliance and finding the path of least resistance to get there is nice to have.
Ability to operate autonomously and drive innovation in regulated environments is nice to have.
A strong solutioning mindset, with the ability to break down complex problems with simple solutions that are communicated clearly and concisely, is nice to have.
Cybersecurity Consultant strengthening the Incident Response Team at Conscia. Responsibilities include onboarding, incident management, and reporting for critical security incidents.
Join Cloudflare as a Security Third Party Risk Management Specialist. Execute vendor reviews and improve Cloudflare’s Third Party Risk Program in a rapidly scaling security organization.
Cyber Security Advisor safeguarding client digital environments by addressing cyber risks at Centorrino Technologies in Melbourne and Perth. Ensuring compliance with regulations and effective incident response.
Manage revenue growth across the UK National Security community for AI solutions at Mind Foundry. Lead sales lifecycle from opportunity qualification through contract negotiation and account expansion.
Lead technical design and delivery of Early Warning’s cross-border consumer money movement platform leveraging blockchain and stablecoins. Collaborate across teams to define strategy and architecture for secure and scalable solutions.
Lead the development and execution of a robust Cybersecurity Program for Field, an Energy Storage Provider. Responsible for compliance standards and effective controls across IT & OT environments.
Cloud Security Engineer ensuring secure solutions in the cloud for UMB's technology. Collaborating with teams to define security controls and integrate best practices.
AVP, Cloud Security Engineer responsible for designing and managing cloud security solutions at Synchrony. Collaborating with teams to ensure compliance and mitigate security risks.