HS
HF SinclairIntern, Cybersecurity
Cybersecurity Intern assisting the Cyber GRC team and Project Manager at HF Sinclair. Gaining hands - on experience in Security Operations and Cyber Risk Management during the summer of 2026.
WK
Hybrid IT Security Associate Director – Governance, IT Compliance Platforms
Posted 2 weeks ago
About the role
- Define and execute the enterprise GRC technology and platform strategy, ensuring alignment with security frameworks (e.g., NIST CSF, NIST 800-53, DORA, etc.)
- Serve as the primary owner of the GRC platform(s), overseeing configuration, integration, upgrades, managing platform changes and roadmap and optimization to meet enterprise needs.
- Translate governance, risk, and compliance processes into platform workflows, dashboards, and reporting that support issue management, risk assessments, policy governance, evidence collection, risk register generation and alignment with organizational units.
- Collaborate with information security, IT, compliance, operations, and legal partners in the development, integration, and operation of the platform and intertwined product strategies and roadmaps.
- Drive automation of risk and compliance processes to reduce manual effort, improve audit readiness, and increase sustainability of controls.
- Develop dashboards, analytics, and reporting to provide actionable insights to executives, regulators, auditors, and business leadership.
- Establish platform governance standards, change control processes, and ongoing lifecycle management and own/drive cross-functional sessions and demand management mechanisms.
- Manage relationships with platform vendors and system integrators, including licensing, renewals, escalations, and roadmap discussions.
- Lead and mentor a small team of GRC platform administrators, analysts, or consultants as needed.
Requirements
- 12-15+ years of demonstrated progressive experience in IT, Cybersecurity, IT Governance and Risk, and Platform / Tool / Product architecture and management
- 10 years hands on experience delivering and leading wide-scale GRC platform initiatives and products
- 8+ years of hands on experience managing GRC platforms and solutions spanning multiple data sources, systems, and systems of record culminating and a centralized GRC ecosystem
- 5+ years management, enterprise-wide transition, and/or transformation programs
- Strong experience with various GRC and IT Security systems and platforms such as ServiceNow, and leading IT controls, compliance, scanning, vulnerability, and IT security tools and products
- Deep understanding of IT risk, security, compliance, and audit frameworks (e.g., NIST CSF, NIST 800-53, ISO 27001, COBIT, SOX, HIPAA, PCI DSS)
- Strong technical knowledge of GRC platforms (e.g., ServiceNow IRM, Archer, MetricStream, OneTrust, or similar)
- Experience designing automated workflows, integrations, and reporting dashboards
- Familiarity with regulatory requirements in multiple jurisdictions (e.g., EU, US, APAC)
- Knowledge of IT processes such as change management, incident management, and CI/CD integration preferred
- Excellent presentation skills, both creating slides and delivering presentations to a variety of audiences.
- Ability to translate complex regulatory and risk requirements into system design.
Benefits
- Medical, Dental, & Vision Plans
- 401(k)
- FSA/HSA
- Commuter Benefits
- Tuition Assistance Plan
- Vacation and Sick Time
- Paid Parental Leave
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Associate Director overseeing Network Security Governance at Novartis in Prague or Hyderabad. Driving cyber maturity, risk management, and governance frameworks for secure network environments.
NI
NTT DATA, Inc.Senior Associate Security Consultant – GRC
Senior Associate Security Consultant at NTT DATA making a difference through technical excellence in diverse teams. Collaborating on innovative technology and consulting projects in security consultancy.
Senior Associate Systems Integration Specialist at NTT DATA responsible for client security solutions. Leading installations and troubleshooting break/fix incidents in a hybrid work environment.
FB
Federal Reserve BoardInformation Security Specialist
Information Security Specialist at Federal Reserve managing cybersecurity risk and assessments. Collaborating with tech professionals to enhance security posture and risk management processes.
AU
Jr Information Security Analyst conducting PCI - DSS compliance projects for AuditSafe. Supporting security controls implementation and leading technical meetings in a hybrid work environment.
A2
A2SECURECybersecurity Consultant
Cybersecurity Consultant ensuring cybersecurity operations and delivering consultancy projects for clients, focusing on strategic risk management and compliance assessments.
Leads SOC team ensuring cybersecurity for LWSA's operations. Responsible for team management, incident response, and security monitoring.
LG
Liebherr GroupSenior IT Security Engineer
Senior IT Security Engineer developing and optimizing innovative security solutions in an international environment. Engaging in corporate information security utilizing best practices.
Regional Lead overseeing physical security infrastructure and operations for OpenAI’s data centers in Singapore. Collaborating with teams and managing security technologies for compliance and risk assessment.