GRC Program Manager
Root Insurance Company
What you’ll be doing.
- Develop, implement, and maintain technology policies and procedures across the entire engineering organization.
- Lead the annual information security risk assessment and incorporate the results into GRC program improvements.
- Oversee internal technology control testing and gap assessments.
- Issues clear and concise reports, using data, technology and visualization tools to communicate results effectively
- Identifies root causes and provides management practical value-add solutions and recommendations
- Proactively informs senior management of significant risks or exposures related to internal controls, compliance, and governance requiring prompt attention
- Partners with SOX control team on implementing and validating technology controlsTrack exceptions to the governance program and drives remediation planning
- Participates as necessary in all regulatory exams and other third-party audits
- Prepares and presents reports for Information Security leadership, the CTO, and Executive Management
What we’re looking for.
- Experience with building technology and information security control programs
- Active CIA, CISA, CRISC, CISM, or CISSP required
- Strong technology background highly valued
- Superior problem-solving skills with the ability to think strategically and innovatively
- Roll-up-the sleeves work ethic and “do-what-it takes” attitude to efficiently execute and drive for results in a fast-paced work environment
- Excellent written and verbal communication skills
- Proven ability to thrive in a results-driven, fast-paced work environment
- Exceptional leadership skills; naturally collaborative, excels at influencing without direct authority
Similar Jobs
