What are the responsibilities and job description for the Governance, Risk & Compliance Security Manager position at Worldpac Inc?
Overview
The GRC Manager will be responsible for ensuring the company’s security posture meets industry best practices and regulatory standards. This includes managing security documentation and policies, overseeing remediation activities, managing the TPRM program, and conducting vendor assessments. The GRC Manager will also be responsible for developing and implementing security awareness training programs.
Responsibilities
- Serve as the primary contact for TPRM, security assessments, and client security questionnaires, facilitating thorough and efficient audits.
- Manage and maintain security documentation and policies, ensuring clear communication and access for clients and third parties.
- Oversee customer remediation activities, including tracking and addressing security requirements and requests from clients.
- Develop and update security-related policies to ensure adherence to regulatory standards and industry best practices.
- Implement and oversee security awareness training programs for new hires and annual recertifications, maintaining and updating training materials.
- Manage the security risk register in alignment with compliance requirements, overseeing remediation initiatives and timelines.
- Collaborate closely with the Legal and Privacy teams to address regulatory and contractual security requirements, including review of security terms.
- Conduct comprehensive vendor assessments for new partnerships, including annual reviews of high-risk vendors and evaluations for vendor terminations.
- Perform security audits of high-risk vendors to confirm adherence to vendor security policies and standards.
- Manage the PCI Self-Assessment Questionnaire (SAQ) process to determine the appropriate attestation level on an annual basis.
- Identify and recommend security certifications (e.g., SOC 2, ISO 27001) that align with business requirements, and oversee the certification process.
Qualifications
- Bachelor’s degree in Information Security, Risk Management, Business Administration, or a related field. A master’s degree is preferred.
- 5 years in governance, risk management, compliance, or a related field, with a focus on client security assurance and vendor risk management.
- Strong understanding of security frameworks and regulatory standards, including PCI, ISO 27001, and SOC 2 Type 2.
- Proven expertise in creating and implementing security policies and compliance training programs.
- Relevant certifications (e.g., CRISC, CISM, CISA) are highly desirable.
- Strong analytical, problem-solving, and project management skills with keen attention to detail.
- Excellent communication and interpersonal abilities, with experience working cross-functionally across departments.
Pay Range
USD $138,000.00 - USD $174,000.00 /Yr.
EEO Statement / Reasonable Accommodation Notice
Worldpac is committed to providing reasonable accommodations to qualified individuals with disabilities. If you require accommodations to perform the essential functions of the job, please contact talent@worldpac.com for assistance.
Worldpac is an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, disability, or veteran status.
Worldpac offers a comprehensive benefits package designed to support the health, financial well-being, and work-life balance of its employees. Key benefits include:
Health and Wellness:
- Medical, dental, and vision insurance plans to cater to various healthcare needs.
- Health Savings Accounts (HSAs) with company contributions for eligible plans.
- Flexible Spending Accounts (FSAs) for medical and dependent care expenses.
- Employee Assistance Programs (EAP) offering confidential counseling and support services.
Financial Benefits:
- 401(k) retirement plan with company match to assist in future financial planning.
- Life and Accidental Death & Dismemberment (AD&D) insurance for financial security.
- Short-term and long-term disability insurance to protect income during unforeseen circumstances.
Additional Perks:
- Paid time off, including vacation days and holidays, to encourage rest and personal time.
- Employee discounts on products and services.
Location Type
On-Site
Salary: $138,000 - $174,000