Ivalua
Manager, InfoSec Governance Risk and Compliance (GRC)
Ivalua, San Francisco, California, United States, 94199
Manager, InfoSec Governance Risk and Compliance (GRC)
Join Ivalua as a Global Manager for our Information Security Governance, Risk, and Compliance (GRC) program. In this role you will lead a worldwide team, drive compliance for industry standards, and serve as a subject‑matter expert on security frameworks.
What You Will Do
Lead and own the global GRC program, managing a high‑performing team.
Drive compliance efforts and audits for certifications such as FedRAMP, ISO 27001, HIPAA, SOC 1/2, PCI DSS, and IRAP.
Serve as an SME on security frameworks—NIST 800‑53 Rev 5, NIST 800‑171, ITAR, FedRAMP, PCI DSS, SOC 2, and more—guiding internal stakeholders.
Efficiently manage and respond to customer security audit and compliance requests.
Maintain continuous compliance and monitoring of security controls.
Collaborate with Sales, Marketing, and Customer Success to communicate Ivalua’s security posture.
Review and negotiate information security exhibits and contractual terms with the legal team.
Lead the Security Awareness and Training program.
Track, manage, and drive remediation efforts for control deficiencies and gaps identified through internal and external audits.
Oversee the Third‑Party Risk and Vendor Security Assessment program.
Develop, maintain, and enforce InfoSec policies, standards, and plans.
Qualifications
7+ years of proven experience leading GRC programs and managing compliance certifications and audits.
3+ years as a direct leader, managing a team within a global organization.
Strong knowledge of NIST SP 800‑53, NIST 800‑171, ITAR, PCI DSS, SOC 2, and FedRAMP.
Demonstrated ability to influence stakeholders across multiple departments and time zones.
Excellent project management, analytical, and problem‑solving skills with keen attention to detail.
Strong interpersonal and communication skills.
Self‑motivated with a high degree of initiative and ability to work independently.
Ability to handle multiple competing priorities and deadlines efficiently.
Bachelor’s degree in a related field preferred.
Compensation : USD 112,000 – 208,000 per year plus benefits. Medical, dental, vision, and transportation are included.
Hybrid working model: 3 days in‑office per week. Ivalua is a diverse, inclusive, and growing organization that values creativity, collaboration, and continuous learning.
#J-18808-Ljbffr
What You Will Do
Lead and own the global GRC program, managing a high‑performing team.
Drive compliance efforts and audits for certifications such as FedRAMP, ISO 27001, HIPAA, SOC 1/2, PCI DSS, and IRAP.
Serve as an SME on security frameworks—NIST 800‑53 Rev 5, NIST 800‑171, ITAR, FedRAMP, PCI DSS, SOC 2, and more—guiding internal stakeholders.
Efficiently manage and respond to customer security audit and compliance requests.
Maintain continuous compliance and monitoring of security controls.
Collaborate with Sales, Marketing, and Customer Success to communicate Ivalua’s security posture.
Review and negotiate information security exhibits and contractual terms with the legal team.
Lead the Security Awareness and Training program.
Track, manage, and drive remediation efforts for control deficiencies and gaps identified through internal and external audits.
Oversee the Third‑Party Risk and Vendor Security Assessment program.
Develop, maintain, and enforce InfoSec policies, standards, and plans.
Qualifications
7+ years of proven experience leading GRC programs and managing compliance certifications and audits.
3+ years as a direct leader, managing a team within a global organization.
Strong knowledge of NIST SP 800‑53, NIST 800‑171, ITAR, PCI DSS, SOC 2, and FedRAMP.
Demonstrated ability to influence stakeholders across multiple departments and time zones.
Excellent project management, analytical, and problem‑solving skills with keen attention to detail.
Strong interpersonal and communication skills.
Self‑motivated with a high degree of initiative and ability to work independently.
Ability to handle multiple competing priorities and deadlines efficiently.
Bachelor’s degree in a related field preferred.
Compensation : USD 112,000 – 208,000 per year plus benefits. Medical, dental, vision, and transportation are included.
Hybrid working model: 3 days in‑office per week. Ivalua is a diverse, inclusive, and growing organization that values creativity, collaboration, and continuous learning.
#J-18808-Ljbffr