
Manager, IT Security, Governance, Risk and Compliance

Job in Edgewater, Volusia County, Florida, 32132, USA
Listing for: Burlington Stores, Inc.
Full Time position
Listed on 2026-06-01
Job specializations:
  • IT/Tech
    Cybersecurity, IT Project Manager, IT Business Analyst, Information Security
Job Description & How to Apply Below

Position Overview


The Manager of Governance, Risk and Compliance (GRC) plays a critical mid-level leadership role within the Information Security function, responsible for translating strategy into operational execution across the GRC program. Reporting to the Director of GRC, this role provides daily oversight of analysts and leads, drives process maturity, and ensures consistent delivery of risk, audit, policy, and continuity efforts. The Manager of GRC helps shape the enterprise's risk posture while mentoring a high-performing team and fostering cross-functional collaboration.

This role requires a deep understanding of regulatory frameworks and an ability to communicate complex risk concepts in clear, actionable terms. The ideal candidate will proactively identify control gaps, coordinate effective mitigation, and ensure security efforts remain aligned with evolving business needs.

A Day in the Life


Enterprise Cyber Risk Management:
  • Lead enterprise-wide cybersecurity risk assessments across business units and IT domains.
  • Own the accuracy and ongoing maintenance of the enterprise risk register, ensuring it is consistently updated and informed by stakeholder input.
  • Collaborate with business and IT leaders to define and apply enterprise risk tolerance thresholds.
  • Translate technical risk findings into actionable, business-relevant recommendations.
  • Identify and escalate systemic risks that could materially impact operations or compliance.
  • Monitor industry trends, threat intelligence, and regulatory changes to adjust risk posture.
  • Deliver clear, timely risk reports and dashboards to senior leadership and governance bodies.
  • Implement structured risk governance processes, including review cycles and escalation protocols.
  • Implement automated GRC tools and data analytics to improve cybersecurity risk management efficiency and accuracy.
  • Develop KPIs and KRIs for the security organization and maintain tactical and strategic dashboards to monitor risk and compliance efforts.
Management & Collaboration:
  • Oversee GRC team operations, assigning work, setting priorities, and ensuring effective collaboration.
  • Partner with senior leadership and business stakeholders to align GRC efforts with enterprise goals.
  • Foster a high-performing, collaborative team culture through coaching, accountability, and career development.
Business Continuity and Disaster Recovery (BC/DR):
  • Lead collaboration with IT and business leaders to identify mission-critical applications, conduct a comprehensive BIA, and define RTO/RPO and recovery procedures.
  • Develop dependency mappings for critical systems with application and infrastructure teams.
  • Oversee documentation of recovery procedures, including technical and business continuity procedures.
  • Lead tabletop exercises and failover/failback recovery testing with IT and business users.
  • Identify gaps in the BC/DR program and take ownership of remediation.
  • Ensure business continuity objectives are effectively aligned with IT capabilities to support organizational resilience during disruptions.
  • Contribute to recovery planning efforts and facilitate coordination among IT and business teams to ensure effective response during disruptions.
Vendor Risk Management:
  • Partner with the procurement and legal teams to integrate the cybersecurity function into the overall process, mitigating supply chain risks for the company.
  • Manage third-party risk processes, including assessments and reviews. Continuously identify opportunities for improvement to enhance their effectiveness and efficiency.
  • Escalate high-risk vendor issues to leadership and work with business stakeholders to develop and execute mitigation plans.
  • Oversee monthly reporting on security assessments of AI vendors, provide expert analysis to leadership on AI-related risks and recommend strategic actions to resolve identified issues.
  • Establish and manage a comprehensive set of criteria and assessment questions to support third-party risk management activities.
Managed Security Service Provider (MSSP) and Third-Party Security Incidents:
  • Own vendor incident response governance program and playbooks.
  • Ensure vendors provide formal evidence of incident containment and remediation and…