Governance, Risk & Compliance (GRC) Lead

Description

Sargent & Lundy is a global leader in power and energy consulting, where innovation meets integrity, diversity, and a commitment to quality. We stay at the forefront of today’s opportunities in advanced nuclear power, decarbonization, smart grids, battery energy storage systems, hydrogen applications, electric transportation grids, digital modernization, and more. Our distinctive capabilities provide domestic and international clients and partners with a thoroughly reliable source of comprehensive expertise. Sargent & Lundy offers challenge, growth, flexibility, competitive salaries and benefits.

Position Summary: 

Are you ready to take on a transformative leadership role? Sargent & Lundy is searching for an innovative and forward-thinking GRC Lead to spearhead our Governance, Risk, and Compliance (GRC) team. In this position, you will play a critical role in bridging the gap between our current state and an ambitious future, driving our Security Organization towards excellence.

As a visionary leader, you will identify opportunities for growth and enhancement, forging strong relationships across diverse business groups to ensure our GRC objectives are fully integrated with our broader security strategy. Your leadership will be instrumental in guiding a high-performing GRC team, setting targeted performance goals, and executing a comprehensive roadmap.

In this role, you will have the exciting opportunity to establish new capabilities in privacy, third-party risk management (TPRM), and audit processes, paving the way for our organization to achieve ISO 27001 and CMMC certifications. Collaborating closely on-site in our Chicago office, you will be at the forefront of aligning cutting-edge security initiatives with our business aspirations.

Essential Responsibilities:

• Partner with senior leadership to drive the GRC team in achieving targeted performance goals aligned with the organization's strategic vision.
• Proactively identify and address governance gaps, ensuring timely implementation of recommendations across business units.
• Drive a culture of accountability. Commit to success metrics and goals through continuous monitoring of KPIs.
• Develop, write, and enforce security policies, standards, and procedures that align with organizational goals.
• Align GRC goals with the overall security strategy, acting as a trusted advisor to both the business and technical teams.
• Execute a comprehensive roadmap for measurable improvements in risk and vulnerability management, incident response, security training, and related processes.
• Establish robust new capabilities in privacy, TPRM, and audit functions to enhance organizational resilience.
• Lead the organization in its pursuit of ISO 27001 and CMMC certifications, ensuring compliance and best practices.
• Spearhead automation initiatives to reduce Keeping The Lights On (KTLO) activities, enhancing operational efficiency.

Deep Knowledge of:

Governance

• Policy writing and implementation.
• Knowledge of data governance best practices, including data classification, handling, and retention policies.
• Familiarity with cloud security best practices and frameworks.
• Incident response plans and procedures, including experience with tabletop exercises.

Security Tools

• TPRM Tools (OneTrust, Bitsight)
• Risk Registers\GRC Tools (Hyperproof, or others)
• Vulnerability Management Tools (Qualys, Crowdstrike)
•  Privilege Access Management Tools (Delinea Secret Server)
• Identity and Access Management (Entra, Okta)

Qualifications

• Bachelor’s degree in computer science, information systems, or a related field, or equivalent professional experience.
• A minimum of 5 years of experience in GRC or a related field, with at least 2 years in a leadership capacity.
• Deep understanding of security frameworks and certifications, including ISO 27001, SOC 2, and NIST Cybersecurity Framework (CSF).
• Proven expertise in risk management, compliance, resilience, security policy and standards, vendor risk management, security metrics, and security training and awareness.
• Exceptional communication and presentation skills, with the ability to influence stakeholders and drive strategic initiatives.
• Strong familiarity with security technologies and both on-premises and cloud infrastructures, complemented by a problem-solving mindset to address IT system challenges effectively.
• Professional security management certifications (e.g., CISSP, CISM, CRISC) or progress towards one will be advantageous.

Required Behaviors:

• Compassionate Candor: Provide candid, actionable feedback to enhance team performance and individual growth.
• Seek to Understand: Embrace curiosity and a commitment to continuous learning, fostering an environment of collaboration and innovation.
• We Before Me: Actively collaborate and engage diverse perspectives to ensure collective success.
• Do What You Say: Take ownership of commitments, prioritizing and delivering on key initiatives.
• Light Up Learning: Encourage bravery in trying new ideas, sharing failures as opportunities for growth and learning.
• Driven by Passion: Connect personal passion to the mission, demonstrating resilience in the face of challenges while pursuing organizational goals.

Why Join Us?

• Work in an established company that values innovation and growth.
• Engage with a collaborative team that is dedicated to making a meaningful impact in the energy sector.
• Gain exposure to cutting-edge projects and contribute to data-driven decision-making processes.

We do not sponsor employees for work authorization in the U.S. for this position.

Sargent & Lundy is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status, or any protected status as defined by law.

Award-Winning Benefits

At Sargent & Lundy, we care about the health and well-being of our employees. Our commitment extends beyond the workplace, offering comprehensive healthcare plans and generous paid time off to support our team members in every aspect of their lives. We understand the importance of work-life balance, which is why we are proud to provide competitive, award-winning benefits. Our dedication to employee satisfaction has earned us the prestigious Top Workplaces Culture Excellence Award for compensation and benefits in 2022, 2023, and 2024.

• Health Plans: Medical, Dental, Vision
• Life & Accident Insurance
• Disability Coverage
• Employee Assistance Program (EAP)
• Back-Up Daycare
• FSA & HSA

• 401(k)
• Pre-Tax Commuter Account
• Merit Scholarship Program
• Employee Discount Program
• Corporate Charitable Giving Program
• Tuition Assistance
• First Professional Licensure Bonus
• Employee Referral Bonus

• Paid Annual Personal/Sick Time (PST)
• Paid Vacation
• Paid Holidays
• Paid Parental Leave
• Paid Bereavement Leave
• Flexible Work Arrangements

Compensation Range

Awards & Recognition

Salary : $119,000 - $135,000