A large software and gaming company is looking for an experienced and dynamic Information Security Governance, Risk, and Compliance (GRC) Project + Program Manager to join the team. The ideal candidate will be responsible for driving and planning various GRC initiatives, including PCI-DSS compliance, NIST framework implementation, SOC compliance, third-party risk management, and internal audits. This role requires a detail-oriented individual who can manage multiple projects simultaneously and thrive in a fast-paced environment.
Key Responsibilities:
-Develop and implement a comprehensive project management framework in accordance with PMI standards to ensure the successful execution of GRC initiatives.
-Lead efforts to achieve and maintain PCI-DSS compliance, including conducting regular assessments, addressing compliance gaps, and updating policies and procedures as needed.
-Plan and execute the implementation of NIST framework requirements, including gap analysis, resource allocation, and timeline establishment.
-Coordinate SOC compliance activities, aligning them with the NIST implementation timeline and ensuring adherence to relevant standards.
-Oversee third-party risk management activities, including vendor risk assessments, contract reviews, and compliance monitoring.
-Schedule and conduct internal audits to assess the effectiveness of internal security controls and ensure alignment with industry best practices.
-Implement continuous monitoring mechanisms for ongoing third-party risk evaluations and automate risk assessment processes where possible.
Foster a culture of adaptability and innovation within the team to effectively address ambiguous situations and drive continuous improvement.
-Empower team members to take ownership of their tasks while emphasizing the importance of attention to detail and adherence to project timelines.
-Establish clear communication channels for updates and issue escalation, promoting a transparent and collaborative working environment.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to
HR@insightglobal.com.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy:
https://insightglobal.com/workforce-privacy-policy/ .
-Experience working in highly regulated industries such as finance, healthcare, or government.
-Game industry experience / familiarity! Understand how video games are built, and what infrastructure is required to support them.
-Familiarity with GRC tools and software for risk management, compliance tracking, and reporting.
-Experience leading cross-functional teams and managing vendor relationships.
-Advanced certifications in information security or project management.
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.