Manager, Information Security & GRC

Visier gives organizations a Workforce AI Edge: a set of AI-powered capabilities that help leaders understand the relationship between people and work, elevate the productivity of their employees, and win by adapting to change faster. We're a global leader in AI-powered people analytics, workforce planning, and compensation management solutions. All Visier technology is underpinned by its Real-time People Data Platform, which uses AI to unlock the business-transforming potential of people data, work data, and the fusion of both.

Founded in 2010 by the pioneers of business intelligence, Visier has over 60k customers in 75 countries - including enterprises like BASF, Panasonic, Experian, Amgen, eBay, Ford Motor Company, and more.

As our Manager, Information Security & GRC, you will be the architect and cornerstone of our integrated risk management and internal security programs. You will be responsible for safeguarding our corporate assets, data, and employees by developing and maturing our Governance, Risk, and Compliance (GRC) framework. This strategic leadership role requires a unique blend of technical security expertise and a deep understanding of business processes. You will not only manage our security posture but also ensure the entire organization makes risk-informed decisions aligned with our strategic objectives

What you'll do

• Develop and enforce security policies and procedures, establishing clear guidelines for everything from data handling to acceptable technology use.
• Implement and manage data protection and privacy measures to ensure compliance with relevant regulations.
• Align the security program with our overall GRC strategy, ensuring a unified controls framework that efficiently meets multiple compliance and governance requirements (e.g., ISO 27001, SOC 2, GDPR).
• Lead the incident response process, from initial detection and containment to eradication and recovery.
• Establish and manage the Enterprise Risk Management (ERM) program, including defining the corporate risk appetite, conducting risk assessments, and maintaining a central risk register.
• Educate employees on current threats and best practices to foster a company-wide security-conscious culture.
• Manage vendor and third-party risk, ensuring all external partners meet our security standards.
• Collaborate closely with IT and other departments to ensure security is seamlessly integrated into all corporate systems and processes.

What you Bring

• 8-10 years of relevant experience combined with +1 year of team management.
• Cloud Security Expertise: Deep knowledge of securing cloud environments like AWS, Azure, or GCP.
• Regulatory and Compliance Acumen: In-depth understanding of the laws, regulations, and standards relevant to the organization's industry and geographic locations. 
• Network Security: A strong understanding of firewalls, intrusion detection/prevention systems, and secure network architecture.
• Identity and Access Management (IAM): Proficiency with Single Sign-On (SSO) and Multi-Factor Authentication (MFA).
• Endpoint Security: Experience protecting employee devices and servers from threats.
• Audit Management: Proficiency in managing both internal and external audits, from planning and evidence gathering to responding to findings and tracking remediation.
• Vulnerability Management: The ability to identify, assess, and remediate vulnerabilities in corporate systems.
• Leadership and Communication: You can clearly articulate complex security concepts to both technical and non-technical audiences, influencing stakeholders across the organization.
• Strategic Thinking: The ability to align security initiatives with broader business objectives.
• Problem-Solving: The capacity to remain calm under pressure and make critical decisions during a security incident.

Nice-to-haves

• Professional certifications such as CISSP, CISM, or similar.

Most importantly, you share our values...

• You roll up your sleeves
• You make it easy
• You are proud
• You never stop learning
• You play to win

The base pay range for this position in the $110k - $150k/year + bonus

The compensation offered will be determined by factors such as relevant qualifications, experience, knowledge and skills. Many of our positions are eligible for additional types of compensation (e.g., commission plans, bonus, etc.) which our Talent Acquisition team will share with you if you interview for the role.

Instagram - @visier_inc

Linkedin - https://www.linkedin.com/company/visier-analytics/

Visier Candidate Privacy Notice and Recruiter Policy