Manager, GRC

Everett, United States | Posted on 11/20/2025

We're building the fiber network you deserve. Consistently fast, refreshingly straightforward and giving you control. From our home base in Kirkland, Washington, we're connecting over one million homes and businesses across the states we serve with fiber internet that works the way it should. No gimmicks, no gotchas. Internet shouldn’t get in the way of life: it should make it better.

Position Title:

Governance, Risk, and Compliance (GRC) Manager

$114,152 to $145,664 annually DOE

Sick leave and paid time off, parental leave, quarterly performance bonus, training, career growth.

At Ziply Fiber, our mission is to elevate the connected lives of our communities every day. We are delivering the fastest home internet in the Northwest, with a focus on areas traditionally underserved by mainstream internet companies. And as our state‑of‑the‑art fiber network expands in WA, OR,  MT, so does our need for team members who can help us grow and realize our goals.

We may be building internet, but we are reaching real people. We strive to build relationships and provide customers and communities with refreshingly great experiences.

We emphasize our values in all our interactions:

• Genuinely Caring:
  Our customers and colleagues are people, and quite possibly our neighbors. We put ourselves in their shoes and give them our full attention.
• Empowering You:
  We empower our customers to choose the products that best meet their needs, and we support our employees to implement solutions that elevate the experiences of our customers and coworkers.
• Innovation and Improvement:
  We always look for ways to make the experiences of our customers – and each other – better.
• Earning Your Trust:
  We earn trust by communicating simply and transparently as real people, not as a corporation.

To be considered for this role, you must live within commuting distance of Seattle, WA or Dallas, TX.

The Governance, Risk, and Compliance (GRC) Manager will be responsible for overseeing all aspects of Ziply Fiber’s governance, risk, and compliance framework. They will ensure that all policies and procedures are aligned with industry regulations and best practices and provide guidance on potential risks and compliance issues. The GRC Manager serves as the central subject matter expert of Ziply’s risk, compliance, audit, and policy lifecycle programs and works closely with senior leadership to develop strategies for mitigating risks and enhancing overall governance practices.

This role is critical for maintaining a proactive compliance posture aligned with regulatory frameworks such as NIST 800‑171, FCC LOA, and PCI‑DSS.

• Lead and manage the GRC team, ensuring clear direction, motivation, and support.
• Recruit, train, and retain skilled professionals in governance, risk, and compliance.
• Set performance objectives, conduct regular evaluations, and provide constructive feedback.
• Lead initiatives that support vendor risk oversight, internal policy enforcement, legal hold coordination, and audit readiness.
• Drive operationalization of Ziply's compliance commitments and serve as the key liaison to auditors and regulators.
• Own and lead the full lifecycle of policy development, executive approval, publication, and cross‑functional enforcement across business units.
• Drive alignment with critical frameworks (NIST 800‑171, PCI‑DSS) and maintain compliance with all applicable state and federal regulations.
• Head the audit process, lead internal and external audit readiness and response efforts, oversee control testing, evidence collection, remediation, and closeout reporting.
• Manage and maintain the enterprise risk register; drive mitigation planning, track issue resolution, and elevate emerging threats to senior leadership.
• Oversee third‑party risk management, including vendor assessments, compliance attestations, contractual risk reviews, and annual reassessments.
• Serve as GRC lead for M&A activities—conducting due diligence, identifying control gaps in acquired entities, and ensuring compliance integration post‑close.
• Own the business continuity and disaster recovery…