We are looking for an Information Security Manager with experience managing multiple compliance frameworks and audits. This role will manage a complex information security and compliance program, which includes CJIS, ISO 27001, SOC 2, PCI, FISMA, HIPAA, Cyber Essentials, StateRAMP, and TxRAMP. This role will report to the Head of GRC and partner with the manager of the FedRAMP program. You will have a strong background in cybersecurity and compliance, with proven experience managing multiple compliance audits, multiple products, and large security initiatives with cross-functional teams. You will manage projects related to compliance controls mapping, organizational security improvements, and external audits. The compliance program as a whole encompasses FedRAMP, StateRAMP, TxRAMP, ISO 27001, SOC 2, PCI, HIPAA, FISMA, CJIS, and Cyber Essentials.

What your impact will look like:

    • Manage overall compliance and audit program, including TxRAMP, StateRAMP, ISO 27001, SOC 2, PCI, HIPAA, FISMA, and Cyber Essentials
    • Lead and manage the security program initiatives, ensuring alignment with Granicus’ security objectives
    • Maintain and develop additional audit runbooks, documenting control implementation, evidence requirements, and internal references
    • Manage internal and external audits, including scheduling the audits, preparing internal teams for audit discussions, managing evidence requests, and tracking findings or continuous improvement recommendations
    • Manage the CJIS program, including CJIS policies, procedures, and audits
    • Perform regular internal CJIS compliance audits and manage external CJIS audits, including support for customer CJIS programs and FBI audits
    • Drive compliance control management program improvements, including common control mapping and template creation
    • Collaborate with cross-functional teams for PCI program efficiencies across multiple products
    • Lead continuous improvement reviews for response and recovery, including incident response, backups, failover / switchover, disaster recovery, and business continuity
    • Manage the Third Party Risk Management program and partner with the Procurement working group
    • Manage review and update of CJIS policies and procedures documents
    • Support review and update cycles of other information security policies and trainings, along with other security stakeholders
    • Manage internal and external customer requests
    • Manage and grow the security answer library, customer resources, and internal FAQ
    • Maintain and create additional customer security collateral to enable pre- and post-sales customer resources
    • Other duties as assigned

You’ll love this job if you have:

$160,000 – $180,000 a year