Sr. Governance, Risk and Compliance Manager - remote at Jobgether
São José da Laje, Alagoas, Brazil
Full Time


Start Date

Immediate

Expiry Date

10 May, 26

Salary

0.0

Posted On

09 Feb, 26

Experience

10 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Governance, Risk Management, Compliance, NIST 800-171, CMMC, Cybersecurity, IT Audits, Risk Assessments, Project Management, Access Control, Security Policies, Cloud Architecture, Stakeholder Engagement, Data Integration, Audit Preparation, Control Frameworks

Industry

Internet Marketplace Platforms

Description
This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Senior GRC Manager - REMOTE. In this critical role, you will lead and manage enterprise Governance, Risk, and Compliance (GRC) programs focused on key frameworks such as NIST 800-171 Rev. 2 and CMMC compliance. Your strategic insight and hands-on experience will be vital as we adapt and thrive within the defense and aerospace sectors. This position offers a unique opportunity to impact organizational success by operationalizing compliance in complex environments and expanding our compliance capabilities while promoting growth.

Accountabilities

Lead and manage enterprise GRC programs aligned with NIST 800-171 Rev. 2, CMMC, and NIST CSF requirements.
Expand and mature compliance capabilities to support growth in the defense and aerospace market.
Design, document, and refine foundational GRC elements including processes, risk frameworks, and control frameworks.
Conduct stakeholder interviews, facilitated workshops, and documentation reviews to assess and improve GRC maturity.
Develop, implement, and maintain security policies, procedures, and standard operating procedures (SOPs).
Develop, maintain, and track Plans of Action and Milestones (POA&Ms).
Demonstrate expertise in access control, including role-based access control (RBAC) and permission inheritance.
Identify external data sources and design integration strategies between GRC platforms and third-party systems.
Evaluate on-premises and cloud-based architectures, assessing impacts to sustainability, performance, and scalability.
Prepare for and support internal and external audits, assessments, and regulatory reviews.

Requirements

Bachelor’s degree or equivalent military experience.
Minimum of 10 years of experience in Cybersecurity, Technology, Risk Management, or External Audit.
5+ years of experience planning and leading IT audits and risk assessments.
4+ years of project or process management experience.
Demonstrated ability to speak to CMMC standards, controls, and compliance processes.
Hands-on experience developing and maintaining POA&Ms.
Ability to travel up to 10%.
Active Secret clearance or the ability to obtain one.

Benefits

Competitive Benefits: Medical (FSA + HSA), Dental, and Vision.
Immediate 401K Vesting/Matching.
Career Opportunity and Growth.
Tuition Reimbursement.
Student Loan Repayment.
Generous PTO and 11 paid Holidays per year (9 regular and 2 floating).
8 weeks of 100% Paid Family Leave.

Why Apply Through Jobgether?

We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team. We appreciate your interest and wish you the best!

Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.

Responsibilities
Lead and manage enterprise Governance, Risk, and Compliance (GRC) programs focused on key frameworks such as NIST 800-171 Rev. 2 and CMMC compliance. Develop and maintain security policies, procedures, and standard operating procedures while preparing for internal and external audits.