Sr. Manager GRC
Bloom Energy · San Jose, CA · 2 days ago
OTHR$179k–$257k/yrFull-time
Key Responsibilities
- Develop and maintain security policies, procedures, frameworks, and standards, ensuring alignment with business objectives.
- Drive enterprise-wide security training program.
- Oversee enterprise cyber security risk assessments, identify vulnerabilities, implement mitigation strategies, and manage third-party risk.
- Maintain central risk register. Collaborate with central enterprise risk management function. Support sales by timely filling out security questionnaires.
- Ensure adherence to internal policies, industry standards (e.g., ISO 27001, CIS, NIST CSF), and external regulations (e.g., GDPR, CCPA, NERC-CIP, SOX).
- Primary liaison with external auditors for security compliance.
- Lead and mentor the GRC team, foster a culture of compliance, and drive strategic GRC initiatives.
- Collaborate with IT, legal, enterprise risk management, engineering, and business leaders; act as a liaison with auditors and regulators; and provide executive reporting.
- Establish metrics to track policy and compliance adherence and provide senior management with risk insights and compliance status on regular basis.
Key Skills & Qualifications
- Strong background in IT Security, Risk Management, and Compliance.
- Expertise in relevant laws, regulations, and frameworks such as ISO27001, NIST CSF, CIS.
- Drive several security programs leading to compliance.
- Security & vulnerability management, Change management, Logging environments, Periodic review of Active Directory, Group Policy and Access Management, Automated evidence collection.
- Excellent leadership, communication, and stakeholder management.
- Strategic thinking and problem-solving abilities.
- Experience with GRC tools, policies, standards, procedures is required.
- Ability to function as a self-directed team leader organizing work and meeting deadlines.
- Identify effectiveness & efficiency improvement initiatives and work toward completing these goals.
- High standards for consistency & quality within personal and team performance.
- Ability to work flexible hours to collaborate with global team.
- Ability and desire to obtain industry relevant compliance knowledge/certifications.
Required Education And Experience
- Bachelor's degree preferred.
- 12+ years of relevant industry experience with 7+ years in Compliance.
- Familiarity with various compliance standards including ISO27001, GDPR, CIS, NIST CSF.
Benefits
- Comprehensive benefits package including competitive Medical, Dental, and Vision plans with a large employer contribution, a 401(k) Retirement Plan with company match, generous Mental Health Support services, Legal services, virtual Physical Therapy access, and Fertility & Family Forming benefits.
- Equal Opportunity Employer.
Pay
Total compensation for this position includes standard company benefits and is based on various factors including, but not limited to, relevant skills and experience. Salary Ranges: $178,800.00 - $257,200.00.