Description
Cybersecurity Risk & Compliance management plays a pivotal role in embedding a culture of cyber risk and control management across this client's enterprise. Cybersecurity risk management capability is a key component in enabling the organization to inform and manage its enterprise risk profile. The Cybersecurity Risk & Compliance Lead will enable this by establishing a cyber risk management program and processes to assess and manage the company's cyber risk profile.
They will build processes to identify, communicate, measure and report the operational effectiveness of cyber controls. They will be responsible for articulating cyber risk to enable decision-making towards finding the optimum balance between security risks and controls while enabling the business.
Working closely with cross-functional teams, they will provide expert guidance on security best practices, risk management, and compliance requirements. The scope of this role is global, and they will report directly to the Global Chief Information Security Officer.
Employee Value Proposition (EVP) - Why work here?
The client is passionate about helping our people achieve their ultimate potential. Their people are curious, action-oriented and always striving to make themselves and those around them better. They are active listeners working to ensure understanding and problem solvers developing innovative solutions. If you can see yourself delivering excellent service to clients, giving back to our communities and being a part of our caring culture, you belong here.
Top Skills' Details
Minimum 10 years of experience in information security, with a minimum of 5 years in cyber risk management, building and maturing cyber risk management/GRC programs
Broad understanding of cybersecurity risks and control domains such as Network Security, Identity Security, Cloud Security, Data Protection.
Deep expertise with Security frameworks, including NIST and ISO27001.
Expertise with Risk Management frameworks and experience in measuring risk.
Expertise in measuring effectiveness of security controls.
Data and analytics mindset.
Employing authentic storytelling techniques to drive compelling stories and messages.
Nice to Have:
Relevant certifications such as CISSP, CRISC, CGEIT, CISM and/or SANS certifications
Bachelor's or master's degree in computer science, Information Assurance, MIS or related field or equivalent.
If candidates have no degree or relevant certs, that is fine. Culture fit and work experience matter more.
You will have overall accountability for:
Cybersecurity Risk Management and Controls
Maintain and mature the client's cyber risk management program.
Maintain and continually improve the company's key cyber control framework, including alignment to global standards.
Maintain an accurate view of the organization's cybersecurity risk profile across the globe through regular risk assessment and management.
Work with product and platform owners to ensure a common understanding of the control requirements for business-critical assets.
Adopt a data driven approach to measuring the effectiveness of the company's cyber controls.
Maintain Third Party and First Party Risk Management programs
Maintain New System Security Risk Assessment process
Maintain Security Awareness and Training program
Maintain and continually improve the company's processes for measuring and managing risk across our contracted third parties.
Maintain an accurate view of our risk profile across third-party suppliers.
Cybersecurity Posture Reporting
Maintain and continually improve the organization's cybersecurity metrics framework to measure the effectiveness of controls.
Identify opportunities to introduce automation over control effectiveness measurement.
Produce executive and stakeholder reporting on the Cyber posture of the organization.
Foster a culture of Cyber risk & compliance management across the organization.
Seek solutions to enable the business by leveraging insights.
Cybersecurity Policy Development
Maintain global security policies and standards.
Assist in completion of internal and external audits and regulatory assessments.
Additional Skills & Qualifications
Strong influencer - Ability to form open, effective, and trusting relationships with business and IT leaders
Strong communicator - Excellent communications skills, both written and verbal, and the ability to translate security principles and risks into business terms
Strong leadership acumen - Passionate about driving and sustaining change and innovation through committed leadership. Servant-leader mindset.
Previous experience building and maturing multi-country cyber GRC programs
Creative and results-oriented, who is good at balancing multiple priorities and issues
Strong collaborator - Team player up and down the organizational structure, ability to partner with global IT/ Security/risk departments
Provides a high level of professional service to customers (both internal and external) consistent with company standards and procedures.
Self-starter and strong organizational skills in a fast-paced environment
Actively listen to other team members
Finding new ways of solving problems
Able to accept and action feedback
Work Environment
Hybrid for those in KC. Those who aren't will need to travel occasionally for meetings. The role works specifically in the CISO org and will be building this pillar, so the team will be relatively small for now but larger in the future. Travel expectations for those not in KC would be quarterly or even twice a year, for 2-3 days max in KC.
Business Drivers/Customer Impact
The client is expanding its global impact and efforts, so it needs to build out pillar leaders from a global lens in the CISO org. This is one of those roles.
Why is the position open
Position is open because they need someone taking on the pillar of cybersecurity within the CISO org as they expand globally
Pay and Benefits
The pay range for this position is $160000.00 - $180000.00/yr.
We have company benefits and will send them along to anyone we consider submitting.
Vacation
401K and match
Health benefits (very competitive)
Remote flexibility
Workplace Type
This is a hybrid position in Kansas City, MO.
Application Deadline
This position is anticipated to close on Mar 31, 2025.
About TEKsystems:
We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.
The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
Date Posted: 22 March 2025