Higher Logic
Some people connect businesses to people. Others connect people to people. We do both. #AllTogether
associations • customer communities • franchises • mobile • non-profit organizations
201 - 500
GRC Security Program Manager
September 7
🏡 Remote – New York
Higher Logic
Some people connect businesses to people. Others connect people to people. We do both. #AllTogether
associations • customer communities • franchises • mobile • non-profit organizations
201 - 500
Description
• This position is responsible for compliance with risk assessment, risk treatment, vendor qualification and audit support activities. • This position requires the ability to work independently on multiple concurrent complex projects. • Success in this position is largely dependent on the ability to monitor, organize and facilitate the implementation of security controls and have an effective understanding of the organization’s security policies. • Collaborate with team members and stakeholders to understand or identify defined work problems and program goals, obtain prioritized deliverables, and discuss program impact. • Prioritize program goals, understand and translate other stakeholders’ needs into program goals and prioritize deliverables with minimal assistance, and contribute to decisions on prioritizing goals and deliverables. • Define the scope of projects and develop, execute, and/or manage project plans for supported program(s). • Review key metrics pertaining to a program, monitor potential metric deviations, and define corrective actions for critical deviations. • Implement maturity frameworks across multiple programs factoring in emerging regulations and proactive detection of risks. • Identify, communicate, and collaborate with relevant stakeholders within one or more teams to drive impact and work toward mutual goals. • Establishment of learnings, best practices, standardized frameworks and tools across programs and projects. • Preparation of the detailed program/project plan along with the “services of common concern.” • Establishment of communication modes and cadences with various stakeholders, conducting planned and ad-hoc meetings with various stakeholders to ensure project milestones are on track and to communicate latest status to them, and sharing of meeting minutes and regular updates with various stakeholders. • Identification of stakeholders and their roles, keeping them updated on the progress of the project, addressing their concerns, seeking, and implementing their feedback. • Identification of risks and detailing of mitigation plans to ensure that the projects stays on track or are brought back on track in the event of delays or blockers. • Assisting Sales and procurement efforts with review of contract terms and conditions related to security and risk. • Support business travel on an as needed basis (up to 10%). • Conduct all business in accordance with Higher Logic policies and procedures. • All other duties as assigned.
Requirements
• A Bachelor of Science in Computer Science (or related field) or equivalent experience • 4+ years of experience in information security, cybersecurity, transparency reporting, integrity, and/or technology risk including one or more domains (e.g., access management, vulnerability management, change management, business continuity, application security, asset management). • 3+ years of experience in effectively analyzing data and programs for security risk, compliance, and maturity. • 2+ years program management experience in a corporate environment. • Experience in Jira and Drata • Typically requires a minimum of 5 years of related experience; or 3 years and a degree. • One or more information security certifications (CISSP, CISM, CISA, GIAC GSEC, OSCP, CompTIA Security+) • PMP certification a plus • Excellent oral and written communication skills • Experience implementing formal Risk Management methodologies preferred. • 3+ years of experience leading various application security audit standards, including ISO 27001/27701 and SOC II. • 2+ years Project Management experience. • Experience interacting with C-Suite leaders. • Exceptional verbal and written communication skills to interact with clients, auditors, and executives.
Apply Now
