GRC Program Manager
Company | Miro |
---|---|
Location | New York, NY, USA |
Salary | $155000 – $232000 |
Type | Full-Time |
Degrees | Bachelor’s |
Experience Level | Senior |
Requirements
- Bachelor’s degree in Information Systems, Computer Science, Business, or a related field, or equivalent practical experience
- Proven experience (typically 5+ years) managing IT/security audit programs
- Direct, hands-on experience managing the full lifecycle of SOC2 Type II audits
- In-depth knowledge and practical experience applying NIST frameworks (e.g., NIST 800-53, NIST CSF)
- Strong understanding of IT governance, risk management, and compliance (GRC) principles
- Excellent program/project management skills, including planning, organization, and stakeholder communication
- Ability to work effectively with technical and non-technical teams
- Strong analytical and problem-solving skills
- Excellent written and verbal communication skills
Responsibilities
- Lead the planning, execution, and completion of internal and external audits, including NIST assessments and SOC2 Type II examinations
- Define audit scope, objectives, timelines, and resource requirements in collaboration with stakeholders and external auditors
- Evaluate the design and operating effectiveness of security controls against NIST and SOC2 requirements
- Coordinate and manage the collection, review, and submission of audit evidence from various teams across the organization
- Oversee the tracking and validation of remediation efforts for identified control deficiencies or gaps
- Serve as the primary point of contact for internal teams and external auditors regarding audit activities. Effectively communicate audit progress, findings, and remediation status to leadership
- Work closely with Engineering, Product, IT, and other departments to integrate compliance requirements into processes and systems
- Contribute to the development and refinement of security policies, standards, and procedures to ensure alignment with compliance frameworks
- Assist in identifying, assessing, and mitigating security and compliance risks
- Identify opportunities to enhance the efficiency and effectiveness of the audit and compliance program, potentially leveraging automation and GRC tools
- Prepare clear and concise audit reports and dashboards for management and relevant stakeholders
Preferred Qualifications
No preferred qualifications provided.