Senior Manager GRC

Define enterprise GRC target architecture and solution blueprints (data models, taxonomy, control libraries, business hierarchy, workflows, RBAC).,Lead complex use cases: Enterprise/Operational Risk, Resilience, Regulatory Compliance, Policy, IT/Cyber Risk, Vulnerability, Third Party Risk, Audit, Issues/Remediation, Business Continuity, Risk Analytics.,Perform hands-on configuration/customization across enterprise GRC technologies.,Implement end-to-end cloud solutions: OOTB package deployment, environment provisioning, platform hardening.,Build APIs/data pipelines; design event-driven integrations for continuous control monitoring and real-time risk insights.,Lead data migration/normalization/lineage; enable control testing automation and risk quantification reporting.,Establish Agile SDLC, program governance, RAID, and executive dashboards.,Design operating models (RACI, roles/processes, governance committees, three-lines model, control ownership, issue management).,Maintain GRC taxonomy: risk/control libraries, policies, authority documents, obligations mapping, evidence repositories.,Advise on regulations and frameworks; create compliance mappings and control rationalization.,Deliver enablement (admin/end-user training, playbooks, SOPs, knowledge transfer).,Drive adoption via stakeholder engagement, champions, benefits tracking; define KPIs for risk posture, compliance maturity, efficiency.,Develop accelerators, reference architectures, integration patterns, configuration blueprints.,Publish thought leadership, lead demos/POCs, support RFPs/solutioning; mentor junior staff.,Evaluate emerging capabilities (AI/ML analytics, control automation, continuous monitoring) and guide roadmaps.

10–15+ years in Risk Management with GRC specialization; proven lead architect/SME on multi-platform engagements.,End-to-end cloud GRC delivery on MetricStream, Archer, ServiceNow IRM/Compliance, AuditBoard (OOTB deployment and deep configuration).,Platform extension expertise in MetricStream (M7/M9, data model/workflow extensions, integration APIs), Archer (Application Builder, workflows, data feeds, calculated fields, reporting, packaging), ServiceNow (IRM, Policy & Compliance, VRM; GlideScript, Flow Designer, ACLs, CMDB, custom apps), and AuditBoard (Controls/testing, evidence, issues, reporting integrations).,Experience with integrations with SIEM, vulnerability scanners (Qualys/Tenable), CMDB/Business Hierarchy, regulatory feeds, ITSM/Jira, data lakes/warehouses, IAM/LDAP/SSO.,Experience installing/configuring MetricStream and ServiceNow OOTB packages; Archer packaging; AuditBoard onboarding.,Identity and access: LDAP/AD, SAML/OAuth/OIDC, role-based access and entitlements.,Agile SDLC leadership; PMO-level governance, risk, and benefits tracking.,Certifications: ServiceNow IRM, Archer, MetricStream, AuditBoard.,Knowledge of FAIR risk quantification, BI/analytics (Power BI/Tableau), continuous control monitoring.,Experience with Azure/AWS/GCP and security architectures for GRC integrations.

Comprehensive health and dental benefits, wellness subsidies, personal care days, retirement pension plans, flexible work arrangements, and extensive professional development support.