47 grc manager jobs at 32 companies in Everett, MA
2mo
Save
Mark Applied
Hide
2mo
GRC Manager
Boston or San Francisco
HybridFull Time
CloudZero: Platform for cloud cost intelligence and FinOps optimization.
5+ YOE5+ years in governance, risk, and compliance, SaaS/cloud focus; SOC 2/audit experience; knowledge of COSO/ISO 31000/NIST RMF; GDPR/CCPA controls.
HubSpotNYSE: HUBS: Provides a customer platform for marketing, sales, and service.
Experience in Security GRC/IT Compliance or IT Audit, people management plus hands-on IC work, deep control design (SOX 404), risk-based scoping/testing, AWS/microservices/CI/CD familiarity, strong communication.
AWS, CI/CD, IAM, ISO 27001, SOC 1, SOC 2, NIST, ISO 42001
Form Energy: Developing multi-day batteries for grid-scale energy storage.
10+ YOE5+ Mgmt10+ years in cybersecurity/IT GRC with 5+ years leadership; deep ITGC, IAM, EDR/MDR, vulnerability management, incident response, and audit liaison experience; ISO 27001/SOC 2/NIST familiarity; strong executive communication.
Sr. Director, GRC, IT Controls & Cyber Culture, Orthopedics
Raritan or West Chester or Palm Beach Gardens or Warsaw or Raynham
$178k-$307k/yrHybridFull Time
Johnson & JohnsonNYSE: JNJ: Provides pharmaceutical products and medical technology healthcare solutions.
12+ YOE12+ years cybersecurity/GRC experience, bachelor\u0002s required (master\u0002s preferred), proven experience building enterprise GRC, SOX/IT controls, audit readiness, and leading cybersecurity teams; travel up to 20%.
WHOOP: Providing wearable health trackers and physiological performance analytics.
6+ YOE6+ years in cybersecurity or enterprise risk management, experience conducting structured cyber/IT and AI risk assessments, maintaining risk registers, familiarity with NIST/ISO/PCI/GDPR/HIPAA, and strong communication skills.
NIST CSF, ISO 27001, PCI DSS, GDPR, HIPAA, NIST AI RMF, ISO/IEC 42001, FAIR
Manager and Senior Manager: Governance, Risk, & Compliance (GRC)
Boston, Massachusetts, United States
$155k-$205k/yrOnsiteFull Time
WHOOP: Wearable technology for personalized health and performance tracking.
8+ YOE4+ Mgmt8+ years GRC or information security experience, 4+ years managing GRC/compliance teams, deep knowledge of ISO 27001/SOC2/GDPR/NIST/HIPAA, strong communication and program-building skills, relevant certifications preferred.
Risk Consulting - Risk Technology - Oracle GRC - Manager (New York, NY, US, 10001-8604)
New York or Atlanta or Boston or Chicago or Cleveland or Dallas or Detroit or Pittsburgh or Hoboken or Houston or Los Angeles or McLean or Miami or Minneapolis or North Carolina or Philadelphia or Portland or San Francisco or Seattle or Tampa
$150k-$260k/yrHybridFull Time
EY: Global firm providing audit, tax, and professional consulting services.
5+ YOEBachelor's or master's degree with ~5 years related experience; Oracle security/controls and controls testing experience; strong project management, client service, leadership, communication, analytical skills; valid US driver’s license and passport; willing to travel.
Blitzy: Autonomous AI platform for enterprise software development.
Hands-on ownership of SOC 2 Type II or ISO 27001:2022 audits, Vanta or equivalent GRC platform experience, auditor/vendor management, FedRAMP exposure preferred, strong written and judgment skills.
DigitalOceanNew York Stock Exchange: DOCN: Simplifies cloud infrastructure for developers, startups, and SMBs.
5+ YOE5+ years GRC experience with multi-standard programs (ISO 27001/27017/22301), familiarity with SOC 2 and HIPAA, risk assessment and remediation, control design, policy authoring, and cross-functional project management.
KlaviyoNYSE: KVYO: Software platform for automated e-commerce marketing and customer data.
6+ YOE6+ years as a technical programme manager in information security; experience with risk, compliance, AI governance; proficient with security frameworks; PMI/ITIL-like certifications; strong stakeholder management.
NIST, ISO 27001, SOC 2, PCI DSS, CIS Controls, GRC tooling, TPRM, AI governance tools
Sr. Technical Program Manager, Cybersecurity Remediation
Cambridge, Massachusetts, United States
$146k-$234k/yrHybridFull Time
ModernaNasdaq: MRNA: Develops and manufactures messenger RNA medicines and vaccines.
8+ YOE8+ years technical program or cybersecurity program management experience; experience leading cross-functional remediation programs, vulnerability management, incident/audit remediation, metrics and executive reporting.
vulnerability management platforms, GRC tools, NIST, ISO 27001, CIS
Senior Manager, Technology Product Management - Technology & Cyber Governance - Remote or Hybrid in MN or DC
Boston or Minneapolis or Washington
$113k-$193k/yrRemoteFull Time
UnitedHealth GroupNYSE: UNH: Provides health insurance and technology-enabled health care services.
10+ YOEAssociate’s degree (or higher) in related field, 10+ years in technology/information security with risk governance experience, 5+ years in matrixed orgs; experience designing governance, risk metrics, and control assessment; preferred certifications CISA, CRISC, CISSP, CISM.
NIST CSF, ISO 27001, COBIT, SOX, FFIEC, SDLC, DevSecOps, GRC
Fidelity Investments: Provides investment management, retirement planning, and brokerage services.
3+ YOEBachelor's in CS/Engineering/IT/IS +5 years (or Master's +3 years) in risk operations; expertise with SQL, Tableau, Snowflake, Archer GRC; advanced data analysis, automation of control testing, and risk assessment skills.
Tableau, Microsoft Power BI, Archer GRC, SQL, Microsoft Excel, Snowflake, OBIEE, SQL Developer, Microsoft PowerPoint, Microsoft SharePoint, Bloomberg, General Ledger (GL)
Hartford or Irving or Scottsdale or Woonsocket or Northbrook
$66k-$146k/yrHybridFull Time
CVS HealthNYSE: CVS: Provides retail pharmacy, health insurance, and pharmacy benefit management services.
5+ YOE5+ years in SOX, internal audit, finance, risk or program management; advanced Excel and PowerPoint; strong analytics and reporting; ability to build dashboards, KPIs, and executive-level presentations; bachelor’s degree or equivalent.
Microsoft PowerPoint, Microsoft Excel, Optro, GRC, Microsoft Power BI, Tableau, Alteryx
United States or Boston or Knoxville or Washington
RemoteFull Time
RegScale: Automated compliance software for continuous security controls monitoring.
4+ YOE4+ years experience in compliance/cybersecurity/GRC or SaaS professional services; Bachelor's (4 yrs exp) or Master's (3 yrs exp); strong communication, GRC framework knowledge, SaaS/product familiarity, and willingness to travel up to 25%.
Chicago or Tampa or Charlotte or Atlanta or Austin or Washington or Dallas or Los Angeles or Boston or Florham Park or New York or San Francisco or San Jose or Philadelphia or Houston
$99k-$232k/yrOnsiteFull Time
PwC: Providing audit, tax, and management consulting services to businesses.
4+ YOEBachelor's degree, 4+ years delivering SAP compliance, security, and governance solutions; proficiency with SAP GRC and SAP BW/4HANA; experience leading teams, implementing compliance programs, and audit processes.
SAP, SAP Governance, Risk and Compliance (GRC), SAP BW/4HANA
Ocean Spray: A farmer-owned cooperative producing cranberry juices and fruit snacks.
5+ YOEBachelor's degree required; 5+ years experience (10+ years managing SAP landscapes preferred). SAP architect/BASIS admin experience, SAP security and GRC knowledge, S/4 HANA on SAP RISE, cloud and container familiarity.
SAP RISE, S/4 HANA, SAP GRC, SAP ECS, AWS, Microsoft Azure, GCP, Docker, Kubernetes, SAP