GRC Security Program Manager at Jobgether – United States
About This Position
This position is posted by Jobgether on behalf of a partner company. We are currently looking for a GRC Security Program Manager in the United States.
This role offers the opportunity to lead governance, risk, and compliance (GRC) initiatives for a fast-growing technology organization, ensuring that security programs and controls are effectively implemented and monitored across the business. You will manage multiple complex projects, collaborate with cross-functional teams, and drive risk mitigation strategies while supporting regulatory compliance and vendor assessments. This position is ideal for someone who thrives in a fast-paced environment, can independently manage priorities, and has a strong understanding of information security frameworks. You will play a key role in shaping security processes, monitoring program maturity, and supporting internal and external audit initiatives. The impact of your work will strengthen the organization’s security posture and build confidence with stakeholders across all levels.
- Lead and manage GRC programs, ensuring alignment with security policies and organizational objectives
- Define project scopes, develop detailed plans, and oversee execution for multiple concurrent initiatives
- Implement and maintain maturity frameworks, factoring in emerging regulations and risk detection
- Monitor program metrics, identify deviations, and define corrective actions as necessary
- Collaborate with stakeholders to prioritize goals, communicate status updates, and incorporate feedback
- Establish standardized frameworks, best practices, and tools across programs
- Support vendor qualification, contract review, and security-related procurement activities
- Conduct audits, prepare reports, and maintain clear communication with internal teams and external auditors
- Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent experience
- 4+ years of experience in information security, cybersecurity, technology risk, or related GRC domains
- 3+ years analyzing programs and data for security risks, compliance, and program maturity
- 2+ years of program or project management experience in a corporate environment
- Experience with GRC tools such as Jira and Drata
- Strong knowledge of security frameworks, controls, and audit standards (ISO 27001/27701, SOC 2)
- Relevant security certifications preferred (CISSP, CISM, CISA, GIAC GSEC, OSCP, CompTIA Security+)
- Excellent verbal and written communication skills, with experience interacting with C-suite leaders and auditors
- PMP certification and formal risk management methodology experience are a plus
- Competitive compensation package
- Comprehensive healthcare coverage including medical, dental, and vision
- Paid time off and flexible work arrangements
- Professional development and training opportunities
- Collaborative and inclusive work culture valuing diverse perspectives
- Exposure to high-impact security and compliance projects in a growing technology organization
- Opportunity to influence security strategy and GRC program maturity