IT GRC & Security Risk Manager

job summary:

Elevate your career! We're seeking a strategic IT GRC & Security Risk Manager to lead critical security and compliance programs. This is a unique opportunity to drive significant impact and grow professionally. Apply today!

location: Des Moines, Iowa

job type: Permanent

salary: $115,000 - 135,000 per year

work hours: 8am to 5pm

education: Bachelors



responsibilities:

• Strategic Vision & Leadership: Develop and execute an enterprise-wide IT security strategy, aligning with business objectives and regulatory mandates. Drive continuous improvement in security posture and compliance frameworks.
• Risk Management & Compliance: Oversee the integration of GRC functions, ensuring adherence to internal controls, regulatory standards, and audit requirements. Lead audit remediation efforts and maintain strong relationships with auditors and regulators.
• Security Operations & Architecture: Direct security operations, including threat detection, incident response, and vulnerability management. Design and implement robust security architectures to defend against evolving cyber threats.
• Policy & Governance: Develop and enforce comprehensive information security policies, procedures, and standards. Lead IT governance initiatives and integrate security considerations into the software development lifecycle.
• Identity & Access Management (IAM): Provide strategic leadership for IAM programs, ensuring secure and efficient access to IT resources.
• Team Leadership & Development: Mentor and develop a high-performing security and compliance team, fostering a culture of continuous learning and professional growth.
• Reporting & Communication: Develop and maintain reporting mechanisms to communicate security and compliance posture to senior management and the board.

#LI-AR2

qualifications:

• 10 years of progressive experience in IT security and risk management, preferably within a regulated industry.
• Proven leadership in developing and implementing comprehensive security strategies and programs.
• Deep expertise in risk management, compliance frameworks (NIST, COBIT, etc.), and regulatory requirements.
• Strong understanding of security tools and platforms (SIEM, IPS/IDS, DLP, etc.).
• Relevant certifications (CISSP, CISM, CRISC, or equivalent) are highly desirable.
• Bachelor's degree in a related field or equivalent experience.

skills:

• Extensive experience in cyber threat and vulnerability analysis, penetration testing, and incident response.
• Demonstrated ability to lead and develop high-performing teams.
• Excellent communication and stakeholder management skills.

Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.

At Randstad Digital, we welcome people of all abilities and want to ensure that our hiring and interview process meets the needs of all applicants. If you require a reasonable accommodation to make your application or interview experience a great one, please contact

Pay offered to a successful candidate will be based on several factors including the candidate's education, work experience, work location, specific job duties, certifications, etc. In addition, Randstad Digital offers a comprehensive benefits package, including health, an incentive and recognition program, and 401K contribution (all benefits are based on eligibility).

This posting is open for thirty (30) days.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.