CrawlJobs Logo

Global GRC Manager

triarecruitment.com Logo

TRIA

Location Icon

Location:
United Kingdom , Birmingham

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

60000.00 - 75000.00 GBP / Year
Save Job
Save Icon
Apply Position

Job Description:

We are seeking an experienced GRC professional to lead governance, risk management, and compliance initiatives within a highly complex, international organisation. This role requires strong leadership to drive adoption of security policies and motivate teams to align with the organisation's mission, vision, and values while achieving local business goals. The Global GRC Manager oversees the development and maintenance of security governance, risk management, and compliance frameworks across all regions. This role ensures alignment with cyber security strategy and regulatory standards, working closely with leadership, technology teams, and compliance stakeholders to maintain a strong security posture enterprise-wide.

Job Responsibility:

  • Lead governance, risk management, and compliance initiatives
  • Drive adoption of security policies and motivate teams to align with the organisation's mission, vision, and values
  • Oversee the development and maintenance of security governance, risk management, and compliance frameworks across all regions
  • Ensure alignment with cyber security strategy and regulatory standards
  • Work closely with leadership, technology teams, and compliance stakeholders to maintain a strong security posture enterprise-wide

Requirements:

  • Significant experience in information and cyber security governance, risk, and compliance roles, in a global context
  • Deep knowledge of cyber security operations, incident response, threat intelligence, and vulnerability management.
  • In-depth knowledge of regulatory requirements, security frameworks and industry standards (e.g., ISO 27001, NIST, ITIL).
  • Hands-on experience with cloud security governance, particularly Microsoft Azure

Nice to have:

  • Experience working in a Retail, Food & Beverage or similar environment
  • Experience working at a Global / International level
What we offer:

20% Bonus

Additional Information:

Job Posted:
January 10, 2026

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
TRIA - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Global GRC Manager

Integrated Risk Management Head of Department

The Integrated Risk Management (IRM) Head of Department is a senior leadership r...
Location
Location
United States , Irvine
Salary
Salary:
181240.00 - 259160.00 USD / Year
haeaus.com Logo
Hyundai AutoEver America
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 15–20 years of progressive experience in Information Security and GRC
  • Proven track record managing global risk and compliance programs in complex, multinational organizations
  • Familiarity with ISO 27001, NIST CSF, SOC2 Type II or similar security and risk management frameworks
  • Experience leading audits, certifications, and regulatory assessments
  • Strong stakeholder management and communication skills, with the ability to influence across all organizational levels and business units
  • Bachelor’s degree in Information Security, Risk Management, or related field
Job Responsibility
Job Responsibility
  • Oversee the enterprise-wide risk management lifecycle, including risk assessments, risk issue management, and risk exception management processes
  • Develop, update and maintain frameworks for identifying, assessing, mitigating, and monitoring security and operational risks
  • Ensure that risk posture and metrics are accurately reported to executive leadership, governance committees, business units and fellow heads of department
  • Lead the Information Security compliance program, ensuring alignment with regulatory and industry frameworks (e.g., ISO 27001, SOC 2, NIST, etc)
  • Coordinate and manage internal and external audits, assessments, and attestations
  • Partner with Legal, Privacy, and other control functions to ensure consistent and effective control implementation and testing
  • Lead the Third-Party Risk Management (TPRM) program, utilizing a risk-based due diligence, ongoing monitoring, and remediation process
  • Collaborate with Procurement, Legal, and business stakeholders to ensure integration of vendor risk management into the enterprise risk framework
  • Oversee the maintenance and governance of information security policies, standards, and procedures
  • Ensure policies reflect best practices, regulatory expectations, and evolving threat landscapes
  • Fulltime
Read More
Arrow Right

IT SOX Manager

The IT SOX Manager is a critical global role responsible for ensuring the effect...
Location
Location
United States of America , Tempe
Salary
Salary:
Not provided
https://www.circlek.com Logo
Circle K
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in information technology, Computer Science, Business Administration, or a related field
  • Professional certifications such as CISA, CRISC, or CISSP are preferred
  • 5+ years of experience in IT SOX compliance, IT audit, or IT risk management in a global organization
  • Proven experience with IT general controls (ITGCs), SOX 404, and related frameworks (e.g., COBIT, COSO)
  • Familiarity with ERP systems, cloud platforms, and GRC tools is highly desirable
  • Strong analytical and problem-solving skills with the ability to identify risks and recommend solutions
  • Excellent communication and interpersonal skills to collaborate with diverse teams and stakeholders globally
  • Strong knowledge of IT control design, operation, and testing methodologies
  • Detail-oriented with strong organizational skills to manage multiple priorities effectively
  • Ability to work both independently and collaboratively as part of a global team
Job Responsibility
Job Responsibility
  • Manage SOX IT Controls: Ensure controls operate effectively per schedule, coordinate testing and audits, and provide quarterly status updates to leadership
  • Enhance Control Design: Guide control owners on design improvements, identify gaps, and recommend enhancements for compliance and operational excellence
  • Oversee Remediation Efforts: Track, report, and support the resolution of control deficiencies, ensuring audit readiness
  • Expand IT Controls Beyond SOX: Develop and refine IT controls for non-SOX applications, ensuring consistency and risk mitigation
  • Provide Training and Support: Develop SOX training materials, conduct training sessions, and assist new control owners and application administrators
  • GRC Application Management: Manage the company's GRC tool for effective control tracking and assessments
  • Prepare for Stricter Compliance: Drive IT control enhancements to address increased scrutiny and skepticism from external auditors and stricter regulatory standards
  • Fulltime
Read More
Arrow Right

Cyber Manager's Control Assessment (MCA) Lead Analyst

This role will report to the Cybersecurity MCA Group Manager, responsible for pr...
Location
Location
Hungary , Budapest
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Have at least 8+ years of relevant experience
  • Experience in Manager’s Control Assessment (MCA), Operational Risk, Information Security, Cybersecurity, Risk Management, and/or Governance, Risk and Control (GRC)
  • Risk Management, Cybersecurity, and/or Project Management certifications are a plus (e.g. CRISC, CISA, CISM, CISSP, PMP)
  • Proven experience in implementing sustainable solutions and improving processes
  • Bring creative approaches to help us drive value for clients
  • Ability to influence decisions with senior leadership and business partners when confronted with differing opinions on information security risks
  • Proficiency with Microsoft Office, advanced Excel skills (e.g. macros, pivots, complex formulas)
  • Knowledge of data visualization/analytics business applications such as Tableau, QlikView, and Microsoft Power BI
  • Familiarity with Machine Learning and Artificial Intelligence (AI) is a plus
  • Fluent in English (ability to read, write, and speak)
Job Responsibility
Job Responsibility
  • Manage the planning, coordination, and execution of MCA Transformation program for CISO
  • Drive MCA best practices, transformation, and execution consistency across business/functions
  • Lead efforts in Global Process MCA Profiles (GPMPs) and Continuous Risk Management (CRM) for CISO
  • Gain expert-level knowledge of MCA Standard, Procedure, and tools to support future-state MCA
  • Support CISO Business Processes, Control Owners, and Global Assessment Unit (GAU) Owners in their responsibilities related to MCA execution
  • Identify and document key controls necessary for mitigation of cybersecurity risk
  • Be a hands-on Subject Matter Expert (SME) with the ability to drive problem solving and root cause analyses, simplify complex messages and summarize key points
  • Partner with CISO’s Enterprise Architecture Methodology (EAM) Lead team by which taxonomies and processes interlink with each other, establishing a multifaceted matrix to inform decision-making and simplification
  • Foster constructive dialogue and facilitate open discussion, sharing of knowledge and experience with customers and stakeholders
  • Actively manage relationships with CISO business partners and risk management teams to achieve sustained success
What we offer
What we offer
  • Cafeteria Program
  • Home Office Allowance (for colleagues working in hybrid work models)
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms at our offices
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
  • Flexible work arrangements to support you in managing work - life balance
  • Career progression opportunities across geographies and business lines
  • Fulltime
Read More
Arrow Right

Security Governance Risk & Compliance (GRC) Analyst

Here at Virtru you’ll help build a cutting edge security compliance program alig...
Location
Location
United States , Washington, DC
Salary
Salary:
130000.00 - 180000.00 USD / Year
virtru.com Logo
Virtru
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 5+ years of information security, IT audit and/or IT Risk Management, or GRC Analyst/Engineer experience
  • Deep understanding of at least few of the following: CMMC, NIST 800-53 & 800-171, FedRAMP, SOC 2, PCI, and/or other global privacy compliance frameworks
  • Technical acumen. Strong understanding of modern cloud technologies (AWS, GCP, Azure, etc.) and familiarity with GRC tools (Hyperproof, Vanta, Drata, etc) and SIEM tools (Datadog, Splunk)
  • You’re a relationship builder and have worked with both business and technical risk and understand how to translate risk to various levels of the organization
  • Have experience training and coaching teams to become better security and privacy practitioners
  • Like working on an autonomous agile team
  • Ability to resolve conflicts and drive issues to completion
  • Work independently with little or no supervision while maintaining a high level of efficiency
  • Hands on experience deploying and managing vulnerability scanning/cloud security posture management tools (Wiz, Prismacloud, etc.) to meet security compliance requirements
  • Real-world IR experience participating on security On-Call teams
Job Responsibility
Job Responsibility
  • Manage and implement complex controls frameworks for large systems, consisting of Cloud infrastructure and Software as a Service (SaaS) services (GCP, AWS, GitHub, Okta, etc)
  • Design and develop automation solutions for evidence collection across Cloud infrastructure, endpoints, and SaaS services
  • Conduct risk assessments across business units and processes. Identify risk findings and recommend remediation and risk mitigation strategies
  • Assist or implement automated controls to support risk mitigation efforts across various business units with stakeholders
  • Incorporate CMMC certification into Virtru’s slate of compliance assessments and ongoing monitoring activities (FedRAMP, SOC 2, PCI)
  • Facilitate the third-party vendor on-boarding and annual review process by evaluating the security of current and prospective partners
  • Participate in incident response (IR) activities, providing risk analysis and remediation support as needed
  • Enhance the team with your individualism, spirit, and love of learning
What we offer
What we offer
  • A Flexible PTO policy
  • A $1,500 annual Learning & Development Stipend
  • Frequent company-sponsored team celebrations
  • Access to an Employee Assistance Program
  • Access to Headspace, a mental health app
  • A flat 3% contribution to your retirement account
  • A high degree of flexibility
  • Competitive compensation
  • Generous parental, medical, and bereavement policies
  • 401K contribution and stock options
  • Fulltime
Read More
Arrow Right

Security Strategy and Risk Management Head of Department

The Security Strategy and Risk Management Head of Department is a senior leaders...
Location
Location
United States , Irvine
Salary
Salary:
181240.00 - 259160.00 USD / Year
haeaus.com Logo
Hyundai AutoEver America
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 15–20 years of progressive experience across Information Security, GRC/Risk Management, customer/vendor security management and/or strategic operations
  • Bachelor’s degree in Cybersecurity, Information Technology, Risk Management, Business Administration or a related discipline
  • Excellent stakeholder management, communication, and leadership skills
  • Demonstrated experience working across multi-disciplinary teams to achieve common objectives
  • Proficient in English for effective communication and coordination
Job Responsibility
Job Responsibility
  • Lead enterprise-wide risk assessment, risk issue management, and risk exception management
  • Maintain and enhance risk management frameworks aligned with industry best practices
  • Deliver insightful, data-driven risk reporting to senior leadership
  • Oversee the Information Security compliance and control assurance program
  • Lead coordination of internal and external audits, assessments, and certification processes
  • Lead the Third-Party Risk Management (TPRM) program
  • Oversee creation, governance, maintenance, and communication of Information Security policies, standards, and procedures
  • Direct the Information Security Training and Awareness program
  • Partner with the CISO to define and maintain the Information Security strategic roadmap
  • Lead budget planning, forecasting, tracking, and optimization for the full Information Security organization
  • Fulltime
Read More
Arrow Right

Compliance Analyst

insightsoftware is seeking a detail-oriented and proactive Compliance Analyst to...
Location
Location
United States , Remote
Salary
Salary:
Not provided
insightsoftware.com Logo
insightsoftware
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in information security, Cybersecurity, Computer Science, Risk Management, Legal Studies, Business Administration, or related field
  • Minimum 3+ years of experience in compliance program management, risk management, or information security roles, preferably in regulated industries or technology companies
  • Demonstrated experience responding to third-party risk assessments, security audits, customer security questionnaires, RFPs, and compliance due diligence requests
  • Working knowledge of regulatory frameworks and standards (e.g., ISO 27001, SOC 2 (Type II), NIST, FedRAMP, CMMC, PCI DSS, GDPR, CCPA), trade control regulations (EAR, ITAR), anti-bribery/corruption laws (FCPA, UK Bribery Act), and data privacy principles
  • A strong knowledge of at least one regulatory framework governing matters pertaining to data privacy, cybersecurity, trade compliance, or third-party risk management
  • Experience with third-party screening tools and vendor risk management platforms
  • Familiarity with GRC or data protection management platforms (e.g., OneTrust, ServiceNowMetricStream)
Job Responsibility
Job Responsibility
  • Support the development, implementation, and maintenance of a global compliance program, including trade compliance, anti-bribery/corruption, anti-trust, and business ethics
  • Conduct secondary screening of third parties (vendors, partners, customers) , and assess potential matches against government watchlists of denied, debarred, sanctioned, or restricted parties to ensure compliance with applicable trade compliance, export control and sanctions regulations (e.g., U.S. Department of the Treasury Office of Foreign Assets Control ("OFAC"), U.S. Department of Commerce Bureau of Industry and Security ("BIS"), U.K. Office of Financial Sanctions Implementation ("OFSI"), European Union, and United Nations)
  • Assist with export classification determinations and licensing requirements for software products and services, including evaluation of Export Control Classification Numbers ("ECCNs")
  • Support the company's compliance with applicable data protection regulatory frameworks (e.g., GDPR, CCPA)
  • Support the Corporate Counsel, Data Privacy, AI, Cybersecurity with data protection initiatives and obligations including data mapping exercises, processing activity records, and privacy impact assessments, and coordinate responses to data subject access requests ("DSARs") and privacy-related inquiries
  • Support privacy management tools and platforms for consent management and privacy workflow automation
  • Partner with company counsel, InfoSec, and other stakeholders with compliance audits, data privacy questionnaires, and third-party risk assessment processes including vendor due diligence and ongoing monitoring
  • Support risk and control self-assessments ("RCSA"), audit management, and remediation tracking
  • Collaborate with stakeholders including the Chief Information Security Officer ("CISO") and the team to quantify, monitor, and report on security and compliance performance
  • Maintain GRC platforms (e.g., ServiceNow, Archer, MetricStream) to track compliance activities, risks, and controls
Read More
Arrow Right

Global Data Privacy Counsel

We are looking for a senior attorney with extensive experience in global data pr...
Location
Location
United States , Atlanta
Salary
Salary:
Not provided
arrive.com Logo
Arrive
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Juris Doctor degree from a reputable, accredited U.S. law school
  • Active license in good standing with one or more U.S. state bars (Georgia preferred)
  • 10+ years of progressive experience in data privacy and cybersecurity legal matters, with significant in-house experience at a high-growth, technology-driven company
  • Deep expertise and knowledge of and hands-on experience with U.S. and international data privacy, cybersecurity, and compliance laws and frameworks (including GDPR, CCPA/CPRA, PCI-DSS, ISO certifications, and other relevant global standards) and leading-edge AI regulations and frameworks
  • Demonstrated success in providing strategic legal counsel that balances risk management with enabling innovation and business growth, particularly in payments and data-driven initiatives
  • Proven experience leading global privacy and data protection programs, including managing privacy and data protection risk frameworks and governance
  • Experience managing external counsel, auditors, and regulators
  • Proven ability to lead, develop, and inspire diverse, global teams, including direct leadership experience with Data Protection Officers and other privacy professionals
  • Strong business acumen with the ability to translate complex legal concepts into clear, actionable advice that aligns with business objectives and supports deal-making and sales acceleration
  • Excellent communication and interpersonal skills, with the ability to influence stakeholders at all levels, including senior executives and cross-functional teams globally
Job Responsibility
Job Responsibility
  • Serve as a trusted strategic legal advisor to executive leadership, business unit and function heads, and the governance committees on global privacy, data protection, and cybersecurity risks, as well as opportunities aligned with rapid business growth and innovation
  • Design, lead, and continuously evolve the global privacy and data protection program, ensuring it not only meets regulatory requirements but also supports scalable growth and competitive advantage in a fast-paced, high-growth environment
  • Partner closely with product, technology, payments, data, software and hardware sales, marketing, and strategy teams to embed privacy-by-design and data governance principles into all data-driven and payment-related initiatives
  • Advise on privacy, data protection, cross-border data processing, and emerging technologies (AI and machine learning), in connection with parking, public transport and other urban mobility technologies and data services (B2B, B2C), to help the company navigate these complex regulatory environments while accelerating innovation
  • Balance risk management with enabling agility—help business units achieve their ambitious growth objectives without compromising compliance or customer trust
  • Lead and manage a global, unified privacy and data protection team, including the EU Data Protection Officer and EU Privacy Program Manager, and serve as the global privacy and data protection leader responsible for harmonizing privacy and data protection practices across all regions
  • Act as the company’s U.S. and Canada Privacy Officer, overseeing all U.S.-specific and Canada-specific aspects of the global privacy and data protection program
  • Own enterprise-wide development, implementation, and continuous improvement of privacy and data protection policies, standards, and frameworks aligned with relevant global privacy and data protection-related regulations
  • Develop and maintain a privacy and data protection risk management framework and a dashboard of key privacy metrics to inform leadership decision making and monitor program effectiveness in a high-growth environment
  • Lead privacy and data protection audits and program assessments to ensure compliance and identify areas for improvement aligned with rapid company growth
Read More
Arrow Right

Cybersecurity Manager's Control Assessment (MCA) Business Risk Officer

This role is focused on transformation efforts related to Citi’s Manager’s Contr...
Location
Location
Hungary , Budapest
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years of relevant experience
  • experience in Manager’s Control Assessment (MCA), Operational Risk, Information Security, Cybersecurity, Risk Management, and Governance, Risk and Control (GRC)
  • risk management, cybersecurity, and project management certifications are a plus (e.g. CRISC, CISA, CISM, CISSP, PMP)
  • ability to influence decisions with senior leadership and business partners
  • proficiency in Microsoft Office, advanced Excel skills (macros, pivots, complex formulas)
  • knowledge of data visualization/analytics business applications like Tableau, QlikView, and Microsoft Power BI
  • familiarity with Machine Learning and Artificial Intelligence (AI) is a plus
  • fluent in English
Job Responsibility
Job Responsibility
  • Manage the planning, coordination, and execution of MCA Transformation program for CISO
  • lead efforts in Global Process MCA Profiles (GPMPs) and Continuous Risk Management (CRM) for CISO
  • gain expert-level knowledge of MCA Standard, Procedure, and tools to support future-state MCA
  • support CISO Business Processes, Control Owners, and Global Assessment Unit (GAU) Owners in their responsibilities related to MCA execution
  • identify and document key controls necessary for mitigation of cybersecurity risk
  • drive problem solving and perform root cause analyses
  • simplify complex messages and summarize key points
  • partner with CISO’s Enterprise Architecture Methodology (EAM) Lead team to establish processes for decision-making and simplification
  • foster constructive dialogue and facilitate open discussions
  • actively manage relationships with CISO business partners and risk management teams
What we offer
What we offer
  • Cafeteria Program
  • Home Office Allowance
  • Paid Parental Leave Program
  • Private Medical Care Program
  • onsite medical rooms
  • Pension Plan Contribution
  • Group Life Insurance
  • Employee Assistance Program
  • access to learning and development programs, online course libraries, and upskilling platforms
  • flexible work arrangements
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy