Related skills
gdpr, iso 27001, tprm, soc 2, onetrust
Description
- Lead the governance, risk, and policy program.
- Drive compliance with ISO 27001, SOC 2, NIST, PCI DSS, GDPR, and more.
- Manage enterprise risk assessments and maintain the risk register.
- Oversee third-party risk management and vendor onboarding.
- Lead audit readiness and liaise with auditors.
- Support client inquiries and RFPs on security and privacy.
- Mentor junior team members and promote proactive GRC practices.
Requirements
- 5+ years in cybersecurity, governance, risk, or privacy.
- Strong knowledge of ISO 27001, NIST, SOC 2, PCI DSS, GDPR, PIPEDA.
- Hands-on with GRC tools: OneTrust, Hyperproof, AuditBoard, Drata.
- Lead enterprise risk assessments and maintain risk registers.
- Oversee third-party risk management (TPRM) and vendor onboarding.
- Support client due diligence (security questionnaires, RFPs).
- Clear communication of risk to technical and non-technical teams.
- Organizational and project management skills; cross-functional leadership.
- Certifications such as CISM, CRISC, CISSP, CISA valued.
Benefits
- Flexible hybrid work model.
- DEIB-focused culture with employee resource groups.
- Growth opportunities and meaningful work.
- Accommodations available during hiring.