Talent.com
Information Security Governance, Risk and Compliance (GRC) Lead
Information Security Governance, Risk and Compliance (GRC) LeadO'Melveny & Myers LLP • Dallas, TX, US
Information Security Governance, Risk and Compliance (GRC) Lead

Information Security Governance, Risk and Compliance (GRC) Lead

O'Melveny & Myers LLP • Dallas, TX, US
3 days ago
Job type
  • Full-time
Job description

Information Security Governance, Risk and Compliance (GRC) Lead

O'Melveny & Myers LLP has an immediate opening for a remote Information Security Governance, Risk and Compliance (GRC) Lead in one of our Texas offices. The GRC Lead serves as the subject matter expert for firmwide Information Security GRC initiatives, collaborating closely with the Information Security Officer. This role encompasses the development, implementation and ongoing coordination of GRC efforts, tracking information security risks, conducting risk analyses and mitigation options, coordinating information security metrics, and regular reporting to Information Security leadership. The Lead enforces GRC rigor globally for firmwide information security obligations and helps implement a comprehensive control framework to execute the GRC strategy. The role oversees administration of standards and controls, risk management, third-party risk management (TPRM), baseline security controls and technology compliance initiatives. It coordinates information security audits and assessments, tracks responses, and interacts with clients and external auditors. It may also involve reviewing outside counsel guidelines and developing a third-party risk management program, including due diligence documentation such as questionnaires and SOC reports.

Responsibilities Include

  • Lead firmwide Information Security GRC initiatives in partnership with the Information Security team.
  • Assist and coordinate with the ISO 27001 annual certification preparations, as well as client audits.
  • Track external requirements such as outside counsel guidelines and assist with review and response as needed.
  • Oversee Information Security GRC activities and coordinate with the Information Security Officer.
  • Serve as a subject matter expert and trusted advisor for leadership on Information Security GRC matters.
  • Serve as the primary contact for responding to business unit inquiries regarding operational compliance.
  • Collaborate with IT, legal, finance and operations to develop a cohesive Information Security GRC program.
  • Partner with business units during solutions onboarding to ensure adequate controls are in place and enabled.
  • Conduct regular risk assessments and analyze emerging risks across the organization.
  • Coordinate with stakeholders to implement effective risk mitigation strategies.
  • Maintain a strategic and comprehensive GRC program that includes policies, standards, processes and guidelines.
  • Stay updated on regulatory changes and industry standards (ISO, NIST, GDPR, HITRUST, HIPAA).
  • Provide guidance to team members to ensure compliance with relevant laws and regulations.
  • Deliver GRC reports to management, emphasizing compliance status, risk exposure and mitigation efforts.
  • Oversee third-party and vendor risk as part of the organization's risk management strategy.
  • Document and enforce cybersecurity standards that balance risk with business operations.
  • Ensure audit readiness by documenting GRC activities, policies, assessments and corrective actions.
  • Implement process improvements using GRC tools and methodologies to drive productivity gains.
  • Cooperate with internal and external auditors to maintain and implement controls that meet GRC requirements.
  • Motivate functional areas to adopt practices that comply with cybersecurity policies and standards.
  • Provide leadership in collaboration with technical and business teams to strengthen business resiliency.
  • Guide team to align with security, audit and risk management efforts in ongoing security program assessments.
  • Assist Information Security with projects as needed.
  • Stay abreast of current technologies, developments, security compliance requirements, standards, and industry trends.
  • Perform analysis of security threats and vulnerabilities and use threat intelligence to anticipate and mitigate risks.
  • Ensure secure handling of privileged accounts and credentials.

Qualifications

  • Five years of experience in GRC or as a cybersecurity practitioner, including roles in security analysis, compliance, and risk management.
  • Experience working in a distributed and hybrid office environment.
  • Understanding of information security and privacy frameworks : ISO / IEC 27001 required; NIST, HIPAA, HITRUST, GDPR, and GLBA are optional.
  • Bachelor's degree in Cybersecurity, Computer Science, Data Science, or related field.
  • Experience conducting tabletop exercises, coordinating disaster recovery exercises, and other information security control tests is ideal.
  • Excellent analytical and problem-solving abilities.
  • Effective communication and interpersonal skills; ability to work independently and in a multidisciplinary team.
  • Professional certifications are a plus (CISSP, CISM, CISA, CRISC, CGRC).

    • We offer an excellent salary and benefits package. For more information, or to be considered for this position, please apply online at www.omm.com. EOE M / F / D / V. No phone inquiries please.

    J-18808-Ljbffr

    Create a job alert for this search

    Information Security • Dallas, TX, US

    Related jobs
    Senior Lead Information Security Office (ISO) Consultant

    Senior Lead Information Security Office (ISO) Consultant

    Capital One • PLANO, Texas, United States
    Full-time +1
    Senior Lead Information Security Office (ISO) Consultant.At Capital One, you will help consult on initiatives, programs, and projects to raise their game in Information Security.You are pragmatic a...Show more
    Last updated: 18 days ago • Promoted
    Information Security Tech Lead Analyst

    Information Security Tech Lead Analyst

    Citigroup Inc. • Irving, TX, US
    Full-time
    About Citi : Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, gove...Show more
    Last updated: 9 days ago • Promoted
    Enterprise Resilience Risk Lead

    Enterprise Resilience Risk Lead

    PNC • Dallas, TX, US
    Full-time
    Enterprise Resilience Risk Lead.At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our cust...Show more
    Last updated: 30+ days ago • Promoted
    Senior Lead Information Security Office Consultant

    Senior Lead Information Security Office Consultant

    Capital One • PLANO, Texas, United States
    Full-time +1
    Senior Lead Information Security Office Consultant.At Capital One, you will help consult on initiatives, programs, and projects to raise their game in Information Security.You are pragmatic and pra...Show more
    Last updated: 13 days ago • Promoted
    Information Security Architect

    Information Security Architect

    Forhyre • Plano, TX, US
    Full-time
    Lead Information Security Architect.DevOps, security, business applications, cloud security, and data architecture.The role oversees cybersecurity for our company's digital products, including ...Show more
    Last updated: 30+ days ago • Promoted
    Governance, Risk, and Compliance Manager

    Governance, Risk, and Compliance Manager

    Weaver • Dallas, TX, US
    Full-time
    Governance, Risk, and Compliance Manager.Weaver is a full-service national accounting, advisory and consulting firm with opportunities for professionals in many different fields.We seek to bring a ...Show more
    Last updated: 30+ days ago • Promoted
    Director Identity & Access Management (IAM)

    Director Identity & Access Management (IAM)

    Nahse • Dallas, TX, United States
    Full-time
    The Director of Identity & Access Management (IAM), reporting to the CISO, is responsible for the full identity lifecycle for all hospital system staff, contractors, third-party access, and non-hum...Show more
    Last updated: 15 days ago • Promoted
    Director, Audit and Compliance

    Director, Audit and Compliance

    Trintech • Plano, TX, US
    Full-time
    Director, Audit And Compliance.Trintech is seeking an experienced and business-minded Director of Audit & Compliance to lead our Governance, Risk, and Compliance (GRC) team.This role is responsible...Show more
    Last updated: 10 days ago • Promoted
    Governance, Risk, and Compliance Manager - Asset Management

    Governance, Risk, and Compliance Manager - Asset Management

    Weaver • Dallas, TX, US
    Full-time
    Governance, Risk, and Compliance Manager - Asset Management.Weaver is a full-service national accounting, advisory and consulting firm with opportunities for professionals in many different fields....Show more
    Last updated: 30+ days ago • Promoted
    Information Security Operations Senior Analyst - C12 - IRVING

    Information Security Operations Senior Analyst - C12 - IRVING

    Citi • Irving, TX, US
    Full-time
    Information Security Operations Senior Analyst - C12 - IRVING.Information Security Operations Senior Analyst - C12 - IRVING. Be among the first 25 applicants.Get AI-powered advice on this job and mo...Show more
    Last updated: 9 days ago • Promoted
    Senior Manager, Information Security Office (ISO) Consultant

    Senior Manager, Information Security Office (ISO) Consultant

    Capital One • PLANO, Texas, United States
    Full-time +1
    Senior Manager, Information Security Office (ISO) Consultant.At Capital One, you will help consult on initiatives, programs, and projects to raise their game in Information Security.You are pragmat...Show more
    Last updated: 7 days ago • Promoted
    Manager, Security - Lead CSSO - Plano, TX

    Manager, Security - Lead CSSO - Plano, TX

    Pratt & Whitney • Plano, TX, US
    Full-time
    TX217 : 465 Independence Parkway 465 Independence Parkway, Plano, TX, 75075 USA.Person, or Immigration Status Requirements : . At Raytheon, the foundation of everything we do is rooted in our values an...Show more
    Last updated: 6 days ago • Promoted
    Sr. Director of Information Security

    Sr. Director of Information Security

    Aspira Connect • Dallas, TX, US
    Full-time
    Director, Information Security.For more than 40 years, Aspira has been the market-leading provider of software and services that help public agencies protect natural and cultural resources while ma...Show more
    Last updated: 8 days ago • Promoted
    Infrastructure Security Consultant

    Infrastructure Security Consultant

    Better Future Solutions, Inc • Dallas, TX, US
    Full-time
    Get notified about new Information Security Consultant jobs in.Information Security Consultant Jobs in United States.Information System Security Officer (ISSO) / Incident Response Analyst (15.Strateg...Show more
    Last updated: 3 days ago • Promoted
    Cybersecurity Lead 365 Purview

    Cybersecurity Lead 365 Purview

    United Global Technologies • Irving, TX, US
    Full-time
    Education in leu of experience will be considered.Deep expertise in Azure security architecture, Conditional Access, Microsoft 365 Compliance Center and Microsoft Purview suite of tools with an emp...Show more
    Last updated: 30+ days ago • Promoted
    Information Security Architect Manager

    Information Security Architect Manager

    BERKLEY TECHNOLOGY SERVICES • Irving, TX, US
    Full-time
    Berkley Technology Services (BTS) is the dynamic technology solution for W.Berkley Corporation, a Fortune 500 Commercial Lines Insurance Company. With key locations in Urbandale, IA and Wilmington, ...Show more
    Last updated: 9 days ago • Promoted
    Director Governance, Risk & Compliance (GRC)

    Director Governance, Risk & Compliance (GRC)

    Baylor University Medical Center • Dallas, TX, US
    Full-time
    Director of Healthcare Governance, Risk, and Compliance.The Director of Healthcare Governance, Risk, and Compliance, reporting to the CISO, is responsible for developing, implementing, and overseei...Show more
    Last updated: 16 days ago • Promoted
    Information Security Risk Analyst (GRC)

    Information Security Risk Analyst (GRC)

    American National bank of Texas • Terrell, TX, US
    Full-time
    Information Security Risk Analyst.Information and Cyber Security Program.Conduct comprehensive risk assessments to identify and evaluate potential threats and vulnerabilities to information systems...Show more
    Last updated: 3 days ago • Promoted