Manager – Governance – Risk & Compliance – GRC
| Company | Flex |
|---|---|
| Location | New York, NY, USA |
| Salary | $137000 – $156000 |
| Type | Full-Time |
| Degrees | Bachelor’s |
| Experience Level | Mid Level, Senior |

Requirements
- Bachelor’s degree in Information Security, Computer Science, or a related field
- Minimum 3 years of experience in GRC, information security, or related roles
- Proven experience with SOC 2 audit preparation and compliance
- Proficiency with Vanta or similar compliance automation tools
- Strong knowledge of NIST CSF and NYDFS Cybersecurity Regulations
- Excellent analytical and problem-solving skills
- Outstanding written and verbal communication abilities
- Fluency in English at the C2 level
- Self-motivated with the ability to work independently in a remote environment
Responsibilities
- Lead SOC 2 audit preparation and ongoing compliance efforts
- Utilize Vanta to automate and streamline compliance processes
- Contribute to the implementation and maintenance of NIST Cybersecurity Framework (CSF) controls
- Assist in ensuring compliance with NYDFS Cybersecurity Regulations
- Conduct risk assessments and develop mitigation strategies
- Create and update policies, procedures, and controls documentation
- Collaborate with internal stakeholders to support the implementation and monitoring of security controls
- Assist in preparing comprehensive reports for management on compliance status and risk exposure
- Stay informed about evolving regulatory requirements and industry best practices, sharing insights with the team
Preferred Qualifications
- ISACA CISA certification
- Experience in the fintech or financial services industry
- Familiarity with other frameworks such as ISO 27001, GDPR, or PCI DSS