×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security IT Consultant Data Security

Sr. Manager, IT Security - GRC

Job in Riverton Siding, Salt Lake County, Utah, USA
Listing for: Swire Coca-Cola
Full Time position
Listed on 2026-05-24
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, IT Consultant, Data Security
Salary/Wage Range or Industry Benchmark: 100000 - 130000 USD Yearly USD 100000.00 130000.00 YEAR
Job Description & How to Apply Below
Location: Riverton Siding

Sr. Manager, Governance, Risk & Compliance (GRC) – Cybersecurity

Swire Coca-Cola is seeking a Sr. Manager, IT Security - GRC to lead and mature our cybersecurity governance, risk management, and compliance programs. This role is responsible for ensuring cybersecurity risks are identified, managed, and communicated effectively while aligning security controls with regulatory, contractual, and business requirements. The GRC Manager partners closely with IT Infrastructure, Security Operations, Legal, Internal Audit, and business leaders to enable secure and compliant operations across the enterprise.

This role requires a strong balance of cybersecurity expertise, risk management discipline, and business acumen, with the ability to translate technical security risks into clear business impact for executive and senior leadership audiences.

Responsibilities
  • Lead and mature the enterprise cybersecurity governance, risk, and compliance (GRC) program, including policies, standards, procedures, and metrics
  • Maintain and align cybersecurity frameworks with industry standards such as NIST CSF, ISO 27001, CIS, and SOC 2
  • Mature and oversee security risk tolerance, exception management, and control ownership processes
  • Ensure cybersecurity governance aligns with enterprise risk management (ERM) objectives
  • Lead cybersecurity risk assessments, control gap analyses, and third‑party risk assessments
  • Maintain the enterprise cyber risk register, including risk scoring, treatment plans, and remediation tracking
  • Partner with technical and business teams to ensure risks are mitigated, transferred, or formally accepted
  • Translate technical threats and vulnerabilities into clear, business‑focused risk statements
  • Manage cybersecurity compliance initiatives for regulatory, industry, and contractual obligations (e.g., SOC 2, ISO, SOX, HIPAA, PCI, privacy frameworks)
  • Act as primary liaison for internal and external audits, coordinating evidence collection and remediation activities
  • Support customer security assessments, due diligence requests, and RFP responses
  • Monitor regulatory changes and assess organizational impact
  • Develop and maintain cybersecurity risk and compliance metrics for leadership
  • Create dashboards and reports that clearly communicate risk posture, trends, and remediation status
  • Present risk assessments, recommendations, and program updates to senior leadership
  • Lead, mentor, and develop GRC engineers, analysts or contributors
  • Collaborate with Security Operations, Engineering, Legal, Internal Audit, and Procurement teams
  • Promote risk‑aware decision‑making and a culture of security accountability
Requirements
  • Bachelor’s Degree in Information Security, Information Technology, Risk Management, or a related field
  • 7+ years of experience in cybersecurity, risk management, compliance, or audit roles
  • 3+ years of experience in a GRC leadership or senior individual contributor role
  • Strong working knowledge of NIST CSF, ISO 27001, SOC 2, and cybersecurity risk assessment methodologies

    Experience managing audits, compliance programs, and enterprise risk registers end‑to‑end
  • Excellent written and verbal communication skills, with the ability to influence senior leaders
  • Proven ability to balance security requirements with business objectives
  • Experience with GRC platforms such as Service Now GRC, Archer, Drata, Vanta, or One Trust preferred
  • Professional certifications such as CISSP, CISM, CISA, CRISC, or ISO 27001 Lead Implementer preferred
Benefits
  • Health coverage (3 medical options, dental and vision) . 401(k) Retirement Plan w/company match
  • Health Savings Accounts w/company match
  • FREE virtual primary care, acute care and physical therap y
  • FREE Employee Assistance Program
  • Company paid (vacation, holidays, sick time, bereavement, jury duty, maternity/parental , disability leave and volunteer time )
  • Discounted & free product
  • Opportunities for career advancement

Due to the nature of our work and to help maintain a safe workplace for our employees and customers, after a candidate receives a conditional offer of employment, they will be required to complete pre-employment screening. This includes a criminal background check, drug screening, and for certain roles,…

To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search