GRC Director

<p><strong>The Basics</strong></p> <p><span data-contrast="auto">Tanium is looking for a Governance, Risk, and Compliance (GRC) Director to join the information security team. This position reports directly to the CISO.</span></p> <p><span data-contrast="auto">The GRC Director is a leader with strong knowledge of security frameworks, controls, and audit techniques who seeks to improve how compliance programs are implemented and maintained. The ideal candidate will bring a passion for tangible outcomes achieved through strong alignment of controls with business processes as well as pragmatic and thoughtful easing of operational burdens associated with compliance where possible. Candidates will also bring a focus on perpetual driving transparency across the security and compliance landscape for all stakeholders. </span><span data-ccp-props="{}"> </span></p> <p><span data-contrast="auto">Candidates must be highly organized and detail-oriented with excellent communication skills and a strong bias towards getting things done while advocating for continuous improvement. As a leader within the Information Security Team, the GRC Director carries a significant role in actively promoting a culture of practical information security throughout the organization. </span><span data-ccp-props="{}"> </span></p> <p><em><strong><span data-ccp-props="{}">*This role requires someone to be onsite several days a week in our Durham, NC office.</span></strong></em></p> <p><strong>What you'll do</strong></p> <ul> <li><span data-contrast="none">Proactively and consistently manage the Tanium’s mission critical compliance frameworks, including ISO 27001, SOC2 Type 2, FedRAMP, and other frameworks </span><span data-ccp-props="{"335559738":4}"> </span></li> <li><span data-contrast="none">Develop, enhance, and operationalize security, risk and privacy policies as well as associated business processes to mitigate risk and comply with applicable laws and regulations </span><span data-ccp-props="{"335559738":4}"> </span></li> <li><span data-contrast="none">Own and manage the Tanium’s risk quantification management program </span><span data-ccp-props="{"335559738":4}"> </span></li> <li><span data-contrast="none">Own and manage GRC’s role in responding to client audit and RFP/RFI requests in a timely and effective manner  </span><span data-ccp-props="{"335559738":4}"> </span></li> <li><span data-contrast="none">Own and implement a vision for GRC tactics and methods which scale with Tanium’s business needs and balance efficient execution with comprehensive and repeatable processes </span><span data-ccp-props="{"335559738":4}"> </span></li> <li><span data-contrast="none">Manage, support and inspire a team of GRC professionals </span><span data-ccp-props="{"335559738":4}"> </span></li> <li><span data-contrast="none">Oversee third party technical risk assessments and related audit activity  </span><span data-ccp-props="{"335559738":4}"> </span></li> <li><span data-contrast="none">Serve as a subject matter expert for information security risk management principles and practices</span><span data-ccp-props="{"335559738":4}"> </span></li> <li><span data-contrast="none">Collaborate with executives and key stakeholders across Tanium to review projects, assess business critical systems and ensure compliance with compliance frameworks and data privacy laws </span><span data-ccp-props="{"335559738":4}"> </span></li> <li><span data-contrast="none">As necessary, perform and advise on privacy impact assessments </span><span data-ccp-props="{"335559738":4}"> </span></li> <li><span data-contrast="none">Perform internal technical risk assessments/audits  </span><span data-ccp-props="{"335559738":4}"> </span></li> <li><span data-contrast="none">Proactively assesses potential items of risk and opportunities  </span><span data-ccp-props="{"335559738":4}"> </span></li> <li><span data-contrast="none">Promote a culture of information security across all business units  </span><span data- ... (truncated, view full listing at source)