Fragomen
About the Role
Governance, Risk & Compliance (GRC) Manager at Fragomen, a leading global immigration services provider. The role focuses on data privacy and security as strategic priorities, responsible for driving a proactive, risk-aware culture across the firm. The GRC Manager will lead and develop a team of compliance analysts and GRC experts and build a robust, scalable risk management framework. The role requires identifying, evaluating, and mitigating security, privacy, operational, and third-party risks and communicating those risks to leadership and clients. The ideal candidate combines strategic leadership with deep expertise in risk identification and mitigation across complex environments and will collaborate with global teams to align GRC initiatives with business objectives and regulatory requirements.

How you will make a difference as a GRC Manager at Fragomen
Lead, mentor, and grow a team of compliance analysts and GRC professionals. Provide strategic direction, technical guidance, and foster a culture of continuous improvement.
Develop and operationalize a risk management program that proactively identifies, assesses, and mitigates organizational and third-party risks, aligned to business priorities.
Design and manage a comprehensive GRC framework, including risk assessments, controls implementation, and governance practices.
Partner with Information Security, IT, Privacy, Audit, and Legal to build a unified view of the firm’s security and data privacy posture and convey that view to clients and stakeholders.
Align data privacy and security policies with day-to-day operations and drive the execution of GRC initiatives across all business units.
Establish KPIs and dashboards to monitor risk levels, compliance progress, and control effectiveness; regularly report key risk insights to senior leadership and the Risk Committee.
Conduct Data Privacy Impact Assessments (DPIAs), maintain a central risk register, and oversee the mitigation of identified gaps across people, process, and technology.
Ensure ongoing adherence to industry standards (e.g., ISO 27001, SOC 2, PCI DSS, NIST) by maintaining audit-ready documentation and leading evidence-gathering activities.

Leverage your valuable skills and experience to make an impact at Fragomen
7+ years of experience in governance, risk, and compliance (GRC), risk management, or information security
Demonstrated experience leading risk management initiatives and teams
Professional certifications such as CISA, CISSP, CIA, or similar strongly preferred
Deep knowledge of global security and privacy frameworks, including ISO 27001, SOC 2, PCI DSS, NIST 800 series, EU GDPR, and related regulatory regimes
Strong analytical and communication skills with the ability to translate complex risks into actionable strategies for business and technical stakeholders
Excellent organizational and project management skills, with attention to detail and an ability to manage multiple priorities
Experience working with cross-functional, global teams and third-party vendors

Compensation & Benefits
Compensation:
The salary range is dependent on factors including skills, experience, location, and applicable laws. A reasonable and good-faith estimate of the current salary range for hybrid schedules in the office locally is: $114,000.00 - $152,000.00.
Benefits:
22 PTO days + Federal holidays; Medical, Dental, Vision plans + FSA & HSA; 401K with company matching.

How to learn more
Please review About Us, Meaningful and Impactful Work, and Benefits to understand Fragomen’s culture and offerings.