×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

Lead Manager, Security Governance, Risk & Compliance

Remote / Online - Candidates ideally in
Phoenix, Maricopa County, Arizona, 85003, USA
Listing for: Make-A-Wish America
Remote/Work from Home position
Listed on 2026-06-18
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly USD 80000.00 100000.00 YEAR
Job Description & How to Apply Below

Lead Manager, Security Governance, Risk & Compliance

Remote

Who We Are

Our vision is to grant the wish of every eligible child. Through our mission, we are uniting communities to grant life‑changing wishes. As the world’s largest wish‑granting organization, we strive to create a sense of community and an environment where we warmly embrace our wish families, volunteers, and colleagues.

Location

Applicants must be authorized to work for any employer in the U.S. We do not sponsor employment visas or other immigration processes to attain or maintain employment eligibility.

Remote positions are open to applicants based anywhere in the continental U.S. Hybrid positions are open to applicants based in the Phoenix, Arizona area.

Position Summary

Work with a growing Information Technology Security team to support the organization's Governance, Risk, and Compliance (GRC) efforts. This role assists in maintaining policies, assessing risks, and ensuring compliance with regulatory requirements and internal standards. This position assists in the identification of control gaps, the development of remediation plans, and the monitoring of compliance activities. This position will contribute to activities such as audits, documentation, GRC application maintenance and the implementation of security controls, under the guidance of senior team members.

Knowledge

and Abilities
  • Demonstrated successful problem‑solving abilities.
  • Proficiency in project management, research, and data analysis.
  • Critical thinking and analytical skills to identify and diagnose threats.
  • Detail‑oriented with strong organizational skills.
  • Possess strong written and verbal communication skills.
  • Engage effectively with professionals at all levels of the organization.
  • Organizational skills to create detail reports.
  • Multitasking skills to complete other tasks while monitoring data systems.
  • Organize work and prioritize to meet deadlines. Make timely decisions with sound judgment.
Duties & Responsibilities
  • Assist in the development, implementation, and maintenance of GRC frameworks and managing third‑party risk.
  • Contribute to the assessment and mitigation of organizational risks.
  • Maintain internal policies, standards and security baselines, oriented toward compliance and regulatory standards— as well as, enforcement of secure practices.
  • Manage risk acceptance and policy exception processes, ingesting risks and creating tracking, reporting and accountability mechanisms.
  • Participate in audits of security controls and processes.
  • Assist with the creation and maintenance of documentation related to GRC activities, TPRM, Business Continuity Planning (BCP), Business Impact Analysis (BIA) and Disaster Recovery.
  • Assist in the identification of control gaps.
  • Contribute to the development of remediation plans.
  • Conduct due diligence on potential third‑party vendors to evaluate their security posture, financial stability, and compliance with relevant regulations.
  • Assist in monitoring compliance activities.
  • Collaborate with various departments to integrate TPRM into vendor management processes.
  • Perform vendor and product risk assessments, to align vendors and products with applicable standards, policies and security baselines.
  • Create and maintain vendor questionnaire and Data Protection Agreements (DPA).
  • Vendor Responsibility Agreement, covering performance standards, security obligations, adherence to the Change Management process, training, communications, and documentation.
  • Assist Legal with vendor reviews and responses.
  • Conduct audits of third‑party security controls, processes and vendor performance compliance and address and risks that arise.
  • Aid in the development of risk training and awareness programs.
  • Maintain GRC monitoring applications.
  • Perform other related job duties, as assigned.
Qualifications
  • Bachelor’s degree in Computer Science or related technology field or equivalent experience required.
  • 5+ years of total experience with 2+ years of hands‑on experience designing, building, and supporting enterprise GRC and TPRM solutions.
  • Understanding of GRC concepts and frameworks (e.g., ISO 27001, NIST, Cybersecurity Framework (CSF), SOC, GDPR).
  • Proficiency in Microsoft Office Suite…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search