Manager, InfoSec Governance Risk and Compliance (GRC)

About the positionResponsibilities• Lead and own the Governance, Risk, and Compliance (GRC) program globally, managing and developing a high-performing team. • Manage and drive compliance efforts and audits for certifications such as FedRAMP, IRAP, ISO 27001, HIPAA, SOC1/SOC2, PCI DSS, and others. • Serve as the subject matter expert (SME) on security frameworks and standards including NIST SP 800-53 Rev 5, NIST 800-171, ITAR, FedRAMP, PCI DSS, SOC2, etc., providing guidance to internal stakeholders.• Efficiently manage and respond to customer security audit and compliance requests in a timely manner. • Maintain continuous compliance and monitoring of security controls to ensure ongoing adherence to standards. • Collaborate closely with Sales, Marketing, and Customer Success teams to effectively communicate Ivalua's security posture to prospects and customers. • Review and negotiate information security exhibits and contractual terms in partnership with the legal team. • Lead the Security Awareness and Training program to promote a culture of security across the organization.• Track, manage, and drive remediation efforts for control deficiencies and gaps identified through internal and external audits. • Oversee the Third Party Risk and Vendor Security Assessment program to mitigate supply chain risks. • Develop, maintain, and enforce InfoSec policies, standards, and plans. Requirements• At least 7+ years of proven experience leading GRC programs and managing compliance certifications and audits (FedRAMP, ISO 27001, HIPAA, SOC1/SOC2, PCI DSS, IRAP, etc.). • Strong knowledge of security frameworks such as NIST SP 800-53, NIST 800-171, ITAR, PCI DSS, SOC2, and FedRAMP.• Demonstrated ability to manage and influence stakeholders across multiple departments and time zones. • Excellent project management, analytical, and problem-solving skills with keen attention to detail. • Strong interpersonal and communication skills, capable of building trust and managing conflicts effectively. • Self-motivated with a high degree of initiative and ability to work independently. • Ability to handle multiple competing priorities and deadlines efficiently. • Bachelor's degree in related field preferred or equivalent experience with proven skills.Nice-to-haves• Excellent interpersonal, communication, and organizational skills. • Team player with the ability to interface effectively with a broad range of individuals and roles, including IT and vendors. • High degree of initiative, dependable, and able to work well with limited supervision. Benefits• Medical, dental, vision and transportation benefits. • Hybrid working model (3 days in the office per week). • Snacks and weekly lunches in the office. • Exceptional training and career development program.• Regular social events, competitive outings, team running events, and musical activities. Apply tot his job