Cybersecurity Governance, Risk and Compliance (GRC) Lead
Remote
AI Summary
Lead cybersecurity governance, risk, and compliance programs. Ensure alignment with industry standards and regulatory requirements. Develop and maintain key performance indicators for cybersecurity, risk management, and compliance programs.
Key Highlights
Lead cybersecurity governance, risk, and compliance programs
Ensure alignment with industry standards and regulatory requirements
Develop and maintain key performance indicators for cybersecurity, risk management, and compliance programs
Key Responsibilities
Governance, Risk & Compliance (GRC)
Security Awareness & Training
Leadership, Collaboration & Reporting
Technical Skills Required
Benefits & Perks
Salary with all legal benefits
Health Insurance
Dental Insurance
Paid Time Off (PTO) & Sick Leave
Nice to Have
Certifications in Risk Management (e.g., CRISC), GRC frameworks, and Security Awareness training programs are highly desirable
Job Description
Cybersecurity Governance, Risk and Compliance (GRC) Lead
We are seeking a bilingual, experienced, and highly skilled Cybersecurity Governance, Risk and Compliance (GRC) Lead. Experience managing security awareness and training programs is also required. The ideal candidate will have a deep understanding of cybersecurity frameworks, risk management strategies, and compliance with laws/regulations/standards, along with the ability to lead efforts to raise security awareness across the organization. This individual will be instrumental in ensuring our cybersecurity policies, practices, risk management, and training programs align with industry standards and regulatory requirements.
This position is 100% remote in Colombia.
Key Responsibilities
Governance, Risk & Compliance (GRC):
- Lead the design, development, implementation, and maintenance of cybersecurity governance, risk, and compliance programs in alignment with industry best practices and regulatory requirements (e.g., NIST, ISO 27001, OWASP, CCPA, HIPAA, SOC 2).
- Conduct risk assessments and recommend mitigation strategies to senior management.
- Ensure compliance with security regulations and frameworks by preparing for audits, conducting internal assessments, and addressing gaps.
- Collaborate with legal, compliance, and IT teams to ensure security policies and procedures meet all regulatory requirements.
- Develop and maintain key performance indicators (KPIs) for cybersecurity, risk management, and compliance programs.
- Review and update cybersecurity policies and procedures regularly to address emerging threats, changes in the regulatory landscape, and organizational needs.
- Act as the subject matter expert on organizational security policies and procedures, offering guidance and support across departments.
- Design, implement, and manage a comprehensive security awareness program to educate employees on security best practices, emerging threats, and compliance requirements.
- Define engaging and informative training materials, tailored to various levels of technical expertise.
- Coordinate and deliver regular security awareness training communications / sessions to improve employee engagement and knowledge retention.
- Track training completion rates, effectiveness of the programs, and areas for improvement, utilizing metrics to continually optimize the program.
- Work closely with HR and leadership to integrate security awareness and compliance topics into onboarding and continuous professional development.
Interested in remote work opportunities in Cyber Security? Discover Cyber Security Remote Jobs featuring exclusive positions from top companies that offer flexible work arrangements.
- Identify, design, plan, and lead implementation of automation opportunities.
- Continuous improvement of the processes under your responsibility.
- Collaborate with cross-functional teams (including IT, operations, legal, and HR departments) to drive cybersecurity initiatives for ensuring alignment of security practices with business goals and regulatory requirements.
- Lead the evaluation and selection of third-party vendors or tools for risk management and security awareness.
- Provide expert guidance on risk management and compliance to all levels of the organization.
- Provide regular status reports and metrics on GRC activities, risk posture, and security awareness initiatives to senior leadership, offering actionable insights and recommendations for improvements.
- Manage compliance reporting requirements.
Language
- Bilingual (English - Spanish) B2/C1.
- Bachelor’s degree in computer science. Post-graduate degree in cyber/information security is a plus.
- CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or CISA (Certified Information Systems Auditor) preferred.
- Certifications in Risk Management (e.g., CRISC), GRC frameworks, and Security Awareness training programs are highly desirable.
Browse our curated collection of remote jobs across all categories and industries, featuring positions from top companies worldwide.
- 7+ years of experience in cybersecurity, with at least 3 years in a governance, risk, and compliance leadership role.
- Proven experience in audit and assessment processes, both internal and external, for cybersecurity programs and compliance.
- Proven experience in managing and delivering security awareness and training programs at an enterprise level.
- Hands-on experience with security tools, risk and compliance management software, and training platforms.
- Experience with cloud security is a plus (Azure, AWS, Google Cloud, etc.).
- Strong knowledge of cybersecurity frameworks, compliance with laws/regulations/ security standards (NIST, CCPA, GDPR, PCI DSS, etc.), and risk management methodologies.
- Strong knowledge of security concepts, policies, and tools, as well as the ability to identify risks and plan remediation.
- Communication and presentation skills, with the ability to engage stakeholders.
- Ability to stay current and adapt quickly to new regulations, emerging security trends, tools, and technologies.
- Strong problem-solving and analytical skills, with the ability to manage complex security challenges.
- Salary with all legal benefits
- Health Insurance
- Dental Insurance
- Paid Time Off (PTO) & Sick Leave
Similar Jobs
Explore other opportunities that match your interests
Visa Sponsorship
Relocation
Remote
Job Type
Full-time
Experience Level
Entry level
tiresia soluciones tecnológica...
Colombia
Visa Sponsorship
Relocation
Remote
Job Type
Full-time
Experience Level
Mid-Senior level
kommit
Colombia
Visa Sponsorship
Relocation
Remote
Job Type
Full-time
Experience Level
Mid-Senior level
Aha!
Colombia