The Information Security Governance, Risk and Compliance Manager will report to the Director of Infrastructure and Security to secure, maintain and grow a best in class technology services and technology ecosystem. This role is a hands-on Management role that will leverage your technical and people skills. This role offers a unique opportunity to shape and grow our security culture. We are looking for a versatile professional who is looking to make an impact across the company.
What You’ll Do
- Deliver security and risk management by developing policies, standards, process, people and technology to assess and mitigate risks.
- Be accountable for the critical assets program, education and awareness initiatives and 3rd party risk as well as manage security awareness campaigns and report results to Senior leadership team
- Deliver a capable IT business continuity and IT risk management capability.
- Build and maintain a risk-based compliance program across a broad set of industry and compliance regulations and requirements and respond to, and coordinate audit requests.
- Provide guidance on the governance and management of information security risks for major IT programmes and critical initiatives and be able to translate security controls to technical & non-technical partners
- Ability to establish relationships and influence key collaborators at all levels of the organization in order to build the reputation of Information Security and influence internal and external partners
- Define and communicate plans, procedures, policies, and standards for the organization for building, implementing, and operating new systems, equipment, applications, and services.
- Manage the creation, design and documentation of related processes, procedures and playbooks to support the company to reduce risk and vulnerability exposure
- Analyze Tech, Product, and IT Team requirements and provide objective advice on the use of IT security requirements and controls. Define, design and implement security measures as needed
- Assist with analysis and process improvement ideas for identified security issues. Take initiative to create cost-effective solutions
- 5+ years progressive experience in GRC with demonstrated ability in a management position.
- 3+ years of experience in Security Operations/Engineering performing security analysis and investigations, incident response, and analysis
- Must possess excellent people management and interpersonal skills with the ability to collaborate and communicate effectively
- Proven track record of recruiting, building and leading successful teams
- Consistent record of contributing to the strategy for information security in a sophisticated environment and for designing and implementing organization-level policies, standards and guidance.
- Knowledge of common information security management/governance frameworks, such as NIST, ISO/IEC 27001, ITIL and COBIT
- Experience of coordinating and managing the relationships and engagements with 3rd party auditors.
- Experience with privacy regulations and associated programs
- Application Security experience
- Great to have: CISSP, CCSP, GCP or AWS security certifications
The Perks of Working With Us
- Take advantage of excellent benefits, including health, dental, vision, and life coverage.
- Invest in your future with our matching 401K program.
- Enjoy the flexibility of a hybrid work-from-home schedule based on position and tenure.
- Build relationships and take part in learning opportunities through our Employee Resource Groups.
- Get recognized through our employee rewards program.
- Leave the suit and tie at home; our dress code is casual.
- Eat for free on Fridays…lunch is on Arrive! Snack and lunch options are also available daily.
- Work in the heart of downtown Chicago, IL!
- Take advantage of our transportation reimbursement program and make your way to work via the train, bus, car or bike! There are CTA and L train stops walking distance from the office and you can store your bike safely inside of the building.
- Sweat it out with local gym discounts or at the LifeStart gym in our office building that includes brand new Peloton bikes, top-of-the-line equipment and personal training options.
- Maximize your wellness with free counseling sessions through our Employee Assistance Program
- Get paid to work with your friends through our Referral Program!
- Get relocation assistance – If you are not local to the area, we offer relocation packages and have a Relocation Specialist who can help you along the way.
Your Arrive Experience
When we say “award-winning culture,” we mean it. We’ve already earned “Best Place to Work” honors from Inc. Magazine (three years in a row!), Austin Business Journal and the Chicago Tribune. We intend on topping many more of those lists in the years to come, but we’re not in it for the trophies. We’re committed to culture because it keeps us connected to each other and invested in our shared success while having a blast along the way. Our employee-founded resource groups create communities within Arrive’s walls, including Women in Logistics, Emerging Professionals, PRISMS, Black Logistics Group, and Salute.