Cybersecurity Program/Project Manager – Governance, Risk, & Compliance (GRC)

🌍 Remote, USA 🎯 Full-time 🕐 Posted Recently

Job Description

We are seeking an experienced Cybersecurity Program/Project Manager to lead and coordinate our Governance, Risk, and Compliance (GRC) shared service initiatives. This is a strategic role that requires both a deep understanding of cybersecurity risk management and expert-level program management skills. You will drive enterprise-wide GRC efforts and ensure the successful delivery of security compliance and risk programs aligned with industry frameworks and business objectives.

Lead GRC program delivery across a shared services model, serving multiple internal business units and stakeholders.
Ensure compliance with regulatory and industry standards (e.g., NIST, ISO 27001, FedRAMP, HIPAA, SOC 2).
Manage and mature governance frameworks, security policies, control testing activities, and risk assessments.
Coordinate with cross-functional teams to remediate findings, track risk mitigation efforts, and report compliance posture.
Serve as the primary point of contact for cybersecurity audits, assessments, and executive updates.
Develop program plans, schedules, risk registers, and performance dashboards for leadership and oversight.
Promote continuous improvement of GRC processes, tooling, and documentation.

Bachelor’s degree in Cybersecurity, Information Systems, Business, or a related field.
Project Management Professional (PMP) certification, Masters, or equivalent
5+ years of experience managing complex cybersecurity programs or projects.
5+ years of experience leading GRC, risk, or compliance functions within an enterprise environment.
Strong working knowledge of security frameworks and standards such as NIST CSF, NIST 800-53, ISO 27001, and COBIT.
Experience with GRC tools (e.g., CSAM, Xacta, Archer, ServiceNow GRC, etc).
Excellent communication, stakeholder management, and executive reporting skills.

Additional certifications such as CISSP, CISM, CRISC, CGEIT.
Experience operating in a shared services model or large-scale enterprise environment.
Familiarity with cloud security compliance frameworks (FedRAMP, ISO 27017/18, AWS/GCP/Azure controls).

Experience in converting wireframes and graphic designs into effective web interfaces.
Background in UX research, testing, and front-end graphic design.
Government or DOJ cybersecurity experience, particularly FISMA A&A accreditation.
Sense of Humor

Take ownership of enterprise-level GRC initiatives that impact organizational security posture.
Work in a collaborative, growth-oriented cybersecurity team.
Enjoy a flexible, inclusive work environment with room for advancement.
Competitive salary, benefits, and professional development support.

401K safe harbor plan with employer match, 10 paid holidays, 15 days of personal time off, health insurance, commuter benefits, tuition assistance, and more.

Job Type: Full-time