Enterprise GRC Architect

Salary- $150K/Yr - $180K/Yr
Remote
Posted 3 weeks ago

Job Summary

We are seeking an experienced Enterprise GRC Architect to design, implement, and optimize enterprise-wide Governance, Risk, and Compliance (GRC) frameworks that align with organizational objectives, regulatory requirements, and cybersecurity strategies. The ideal candidate will serve as a strategic leader responsible for integrating risk management, compliance, security governance, and business resilience programs across the enterprise.

This role will work closely with executive leadership, cybersecurity teams, legal departments, audit functions, cloud security teams, and business stakeholders to establish a scalable GRC operating model that supports organizational growth while managing risk effectively.

The Enterprise GRC Architect will lead the design of governance frameworks, risk methodologies, compliance programs, and GRC technology solutions to enhance organizational resilience, regulatory compliance, and operational efficiency.


Key Responsibilities

Enterprise GRC Strategy & Architecture

  • Design and maintain enterprise-wide GRC architecture and operating models.
  • Develop governance structures that align with business and regulatory objectives.
  • Establish risk management frameworks across business units.
  • Integrate governance, risk, compliance, audit, and cybersecurity programs.
  • Drive enterprise GRC transformation initiatives.
  • Define GRC roadmaps and strategic objectives.

Risk Management

  • Design Enterprise Risk Management (ERM) frameworks.
  • Establish risk identification, assessment, monitoring, and reporting methodologies.
  • Develop Key Risk Indicators (KRIs) and risk appetite frameworks.
  • Facilitate enterprise risk assessments and workshops.
  • Support risk-based decision-making processes.
  • Monitor emerging business and cybersecurity risks.

Compliance & Regulatory Governance

  • Ensure compliance with industry regulations and standards.
  • Develop compliance governance programs and control frameworks.
  • Align enterprise controls with regulatory requirements.
  • Coordinate compliance assessments and audits.
  • Maintain regulatory compliance reporting mechanisms.
  • Monitor evolving regulatory requirements and industry trends.

Cybersecurity Governance

  • Integrate cybersecurity governance within enterprise GRC frameworks.
  • Collaborate with security teams to manage cyber risk.
  • Develop governance processes for cloud security and third-party risk.
  • Support security control assessments and compliance reviews.
  • Establish cybersecurity reporting metrics for executive leadership.
  • Promote security governance best practices across the organization.

GRC Technology & Automation

  • Lead implementation and optimization of GRC platforms.
  • Define GRC system architecture and integration requirements.
  • Automate risk, compliance, and audit workflows.
  • Develop governance dashboards and executive reporting solutions.
  • Ensure data integrity within GRC systems.
  • Evaluate emerging GRC technologies and automation opportunities.

Audit & Control Management

  • Design enterprise control frameworks.
  • Support internal and external audit programs.
  • Coordinate control assessments and remediation activities.
  • Monitor control effectiveness and maturity.
  • Develop audit readiness programs.
  • Track compliance and remediation metrics.

Executive Leadership & Stakeholder Management

  • Present enterprise risk posture to executive leadership.
  • Provide strategic recommendations to business leaders.
  • Lead cross-functional governance committees.
  • Collaborate with legal, privacy, security, and compliance teams.
  • Drive enterprise-wide risk awareness initiatives.
  • Support board-level reporting and governance activities.

Required Qualifications

Education

  • Bachelor’s Degree in Cybersecurity, Information Technology, Business Administration, Risk Management, Information Systems, or related field.
  • Master’s Degree preferred.

Experience

  • 8+ years of experience in Governance, Risk & Compliance (GRC), Enterprise Risk Management, Cybersecurity Governance, or Compliance.
  • 5+ years leading enterprise-level GRC initiatives.
  • Experience implementing enterprise GRC platforms.
  • Strong background in risk management and regulatory compliance.
  • Experience supporting audits and regulatory assessments.

Required Technical Skills

GRC Platforms

  • ServiceNow GRC
  • Archer IRM
  • AuditBoard
  • OneTrust
  • MetricStream
  • RSA Archer

Frameworks & Standards

  • NIST Cybersecurity Framework
  • NIST Risk Management Framework (RMF)
  • ISO/IEC 27001
  • COBIT
  • SOC 2
  • PCI DSS
  • HIPAA
  • FedRAMP

Cloud Platforms

  • Microsoft Azure
  • AWS
  • Google Cloud Platform (GCP)

Risk Methodologies

  • Enterprise Risk Management (ERM)
  • FAIR Risk Analysis
  • Control Framework Design
  • Risk Quantification
  • Third-Party Risk Management

Preferred Certifications

  • Certified Information Systems Security Professional (CISSP)
  • Certified in Risk and Information Systems Control (CRISC)
  • Certified Information Security Manager (CISM)
  • Certified in Governance, Risk and Compliance (CGRC)
  • Project Management Professional (PMP)
  • ISO 27001 Lead Implementer

Key Competencies

  • Enterprise Risk Management
  • GRC Program Development
  • Regulatory Compliance
  • Cybersecurity Governance
  • Strategic Planning
  • Executive Communication
  • Audit Management
  • Risk Quantification
  • Cloud Governance
  • Leadership & Stakeholder Management

Job Features

Job CategoryGRC

Apply For This Job

A valid phone number is required.