Governance, Risk, Compliance (GRC) Manager

The role:
The Governance, Risk, Compliance Manager (GRC) is responsible for the creation,
maintenance, monitoring and iteration of the GRC requirements of the entire GlobalSecurity & Investigations team. The team consists of the Physical Security Team, theInternal Investigations Team and the Executive Protection Team.
Key areas of responsibility include: all governance, risk, compliance, issue management,business impact analysis, business controls testing, audit and regulatory engagement,business continuity, and RCSA. This role reports directly to the Head of Global Security &Investigations and will work closely with leaders across the enterprise.This role has the potential to grow into a larger scope, assisting senior members of the Legal Team with their GRC requirements.

What You’ll Do:
● Create and maintain Physical Security, Internal Investigations, Executive Protection policies, standards, procedures and process documents.
● Manage all audit, regulatory requirements and interactions for Physical Security
and Internal Investigations.
● Assist the Head of Global Security & Investigations in the development,
implementation and supervision of operational, strategic and tactical planning.
● Manage all operation risk management requirements for all teams.
● Ensure adherence to legal, regulatory, and internal company standards, including
data privacy and protective intelligence requirements.
● Evaluate security risks posed by vendors and contractors.
● Create and manage risk registers, tracking, and reporting for security, executives,
and corporate leadership.
● Own the issue management process for the entire Global Security & Investigation Team.
● Collaborate with Business Controls Testing to ensure all controls are operating
effectively.
● Partner and work closely with the Internal Investigations Director.

● Partner and work closely with the Physical Security Senior Manager.
● Partner with the Site Leadership Team to plan and prepare for emergencies,
including natural disasters, injury, workplace threat, etc.
● Effectively build relationships and communicate with key executive and employee stakeholders across the enterprise.
● Evaluate policy, standard, procedure, process document adherence.
● Analyze the root cause of compliance breaches.
● Assist in the management of incident response to mitigate risks.
● Collect and analyze data to create respective documentation and reports.
● Create and maintain dashboards to show a comprehensive overview of data from different sources, to include monitoring, measuring, and analyzing relevant data in key areas.
● Work closely with the Business Continuity Team to ensure business impact
analysis compliance.
● Prepare materials for presentation to the General Counsel, Chief Financial Officer and Chief Executive Officer.

What you’ll need:
● 5 years of experience working in governance, risk management, or compliance.
● Ability to maintain discretion and confidentiality.
● Experience with the risk control self assessment process.
● Experience with the issue management process.
● Strong analytical skills for identifying, mitigating, and monitoring risks.
● Proven ability to solve complex and sensitive problems, and to work well under
pressure.
● Strong written and verbal communication skills for collaborating with stakeholders.
● Technical curiosity and an interest in exploring data and understanding multiple
systems.
● Experience with risk assessment frameworks (NIST, ISO 27001).
● Ability to work collaboratively with a strong attention to detail.
● Experience operating in a matrix environment.
● Ability to handle multiple and ever-changing priorities in a fast-paced environment.