Cybersecurity Governance, Risk & Compliance; GRC Lead
Job in Pleasanton, Alameda County, California, 94566, USA
Listed on 2026-06-05
Listing for: The Clorox Company
Full Time position
Job specializations:
- IT/Tech
- Cybersecurity, Information Security
Job Description & How to Apply Below
Location: Pleasanton, CA - USA
Time type: Full time
Posted on: Posted Today
Job requisition: 21844
Clorox is the place that’s committed to growth – for our people and our brands. Guided by our purpose and values, and with people at the center of everything we do, we believe every one of us can make a positive impact on consumers, communities, and teammates. Join our team.
**Your role at Clorox:**
We are seeking a highly skilled and motivated Cybersecurity Governance, Risk & Compliance (GRC) Lead. This position reports to the Cybersecurity GRC Product Owner. The mission of this role is to support and continuously improve the company’s cybersecurity program, with a focus on driving risk-informed decision making across sensitive data, systems, cloud environments, and third-party relationships.
In this role, the individual will work cross-functionally as a trusted security advisor to identify, assess, and manage cybersecurity risks; ensure compliance with internal security policies, industry frameworks, and regulatory requirements; and guide business and technology leaders in making informed risk management decisions. The role requires a strong understanding of cybersecurity risks, technologies, and controls, as well as the ability to clearly communicate complex risk concepts to both technical and non-technical stakeholders.
The ideal candidate is deadline-driven, detail-oriented, and an excellent communicator, with deep expertise in cybersecurity governance and risk management best practices, with a focus on third-party security risk.
**In this role, you will:**
**Third‐Party Risk Management (TPRM)**
* Lead and execute **third‐party cybersecurity risk assessments** throughout the vendor lifecycle, including onboarding, periodic reassessment, contract renewal, and offboarding.
* Evaluate vendor security posture using multiple inputs, including questionnaires, SOC reports, penetration test summaries, certifications, and evidence artifacts.
* Assess **critical and high‐risk vendors**, including SaaS, cloud service providers, data processors, and managed service providers, for alignment with company security and privacy requirements.
* Partner with **Procurement, Legal, Privacy, IT, and the business** to ensure cybersecurity risks associated with third parties are identified, documented, and addressed prior to contract execution.
* Define and enforce **risk‐based onboarding and reassessment requirements** aligned to vendor criticality, data sensitivity, and system access.
* Track third‐party risk findings, remediation commitments, and compensating controls to closure; escalate overdue or unacceptable risks as appropriate.
* Support contract security requirements, including review of security clauses, right‐to‐audit provisions, data protection obligations, and incident notification requirements.
* Maintain visibility into third‐party risk trends and exposures and report material risks to leadership.
* Ensure third‐party risk processes meet **public‐company audit and regulatory expectations** and support internal audit and external reviews.
**Cyber Risk & Compliance**
* Assess cybersecurity risks related to **internal systems, cloud services, applications, and third‐party vendors** across technology and operational initiatives.
* Ensure alignment with applicable cybersecurity, privacy, and compliance frameworks (e.g., **NIST, ISO, SOC, SOX, GDPR, CCPA**).
* Support day‐to‐day operations by identifying cybersecurity compliance risks, ensuring appropriate escalation, and coordinating timely corrective actions.
* Collaborate with technical and non‐technical teams to evaluate the effectiveness of security controls, identify and categorize risks, recommend improvements, and communicate outcomes.
* Facilitate the development, maintenance, and enforcement of cybersecurity policies and standards in collaboration with internal subject matter experts.
* Challenge the first line of defense by validating required assessments and attestations (e.g., **PCI, SOX, GDPR, CCPA**) and providing…