Information Security GRC Manager

Remote · USA Full-time New today

We have many opportunities available on our other career site pages. Click here to link to our careers page! Signet Jewelers is the world's largest retailer of diamond jewelry, operating more than 2,800 stores worldwide under the iconic brands: Kay Jewelers, Zales, Jared, H.Samuel, Ernest Jones, Peoples, Banter by Piercing Pagoda, Rocksbox, JamesAllen.com and Diamonds Direct. We are a people-first company and this core value is at the heart of everything we do, from empowering our valued team members, to collaborating with our customers, to fostering the communities in which we live and serve. People – and the love their actions inspire – are what drive us. We’re not only proud of the love we inspire outside our walls, we’re especially proud of the diversity, inclusion and equity we’re inspiring inside. There are dynamic career paths awaiting you – rewarding opportunities to impact the lives of others and inspire love. Join us! Information Security GRC Manager Location: Dallas, TX or Akron, OH (Hybrid) Preferred Open to remote POSITION SUMMARY: We are seeking an experienced Information Security GRC Manager to lead our governance, risk, and compliance (GRC) program. This role is critical in ensuring our information security practices align with regulatory requirements, industry standards, and business objectives. As a key member of the security leadership team, you will drive enterprise risk management, oversee compliance initiatives, and provide clear, actionable insights on our security posture to senior leadership. RESPONSIBILITIES: Lead Governance & Security Programs Develop and maintain the enterprise information security governance framework Establish and lead cross-functional governance forums (e.g., compliance working groups, risk committees) Oversee security policies, standards, procedures, and risk methodologies Drive Risk Management Lead enterprise-wide risk assessments, including identification, analysis, and mitigation of security risks Define, track, and report on Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs) Partner with stakeholders to support risk-based decision-making Own Compliance & Certifications Plan and execute compliance and readiness assessments (e.g., PCI-DSS, NIST CSF, ISO 27001) Serve as the primary liaison for external auditors and assessors Ensure ongoing adherence to regulatory and contractual requirements Manage Audit & Assurance Activities Coordinate internal and external audits, including SOX-related controls where applicable Oversee remediation tracking and ensure timely resolution of findings Continuously improve control effectiveness and assurance processes Partner Across the Business Collaborate with IT, Legal, Privacy, and business teams to embed security into operations Translate complex security and compliance requirements into business-friendly language Provide regular reporting on risk posture and compliance to senior leadership Promote Security Awareness Develop and deliver training and awareness programs related to risk and compliance Foster a culture of security and accountability across the organization POSITION QUALIFICATIONS: Bachelor’s degree in Information Security, Cybersecurity, Computer Science, Business, or related field (Master’s preferred) 10+ years of experience in information security, IT risk, or compliance 2–3+ years of hands-on experience in a GRC-focused role Strong knowledge of frameworks and standards (e.g., NIST, ISO 27001, COBIT) Experience managing audits and working with external regulators or assessors Excellent communication skills, with the ability to engage both technical and business stakeholders Strong project management skills and ability to manage multiple initiatives simultaneously Nice to Have: Relevant certifications (e.g., CISSP, CISM, CRISC, CISA) Experience with SOX ITGC controls and audit coordination Familiarity with third-party/vendor risk management programs Experience with GRC tools (e.g., Optro (AuditBoard), ServiceNow GRC, OneTrust) BENEFITS & PERKS: Competitive healthcare, dental & vision insurance 401(k) matching after one year of employment Generous time off + company holidays Merchandise discount Learning & Development programs Much more! Apply To This Job

Apply

Information Security GRC Manager

Related roles

Senior Director, Academics and Partner Relations

Associate Director/Director, Technical Operations and Development - REMOTE East Coast Based

Executive Director, Technical Operations and Development - REMOTE East Coast Based

Senior Consultant- CDBG-DR

Construction Site Superintendent

Director of Academics

CVUS Product Sales Specialist - North Carolina Market

Clinical Applications Specialist - Cardiology (GA/LA/Northern FL)

New Reactor Project Quality Engineer (Remote Eligible, U.S.)

Clinical Operations Manager - Experience as a CTM or People Manager is required - Chile Home Based

Experienced Customer Service Representative – Work-From-Home Opportunity with arenaflex

Experienced Live Chat Support Specialist – Virtual Customer Service Representative – Beginner Friendly Remote Opportunity

HR Specialist Manager / HR Business Partner II

Experienced Customer Service Representative – Delivering Exceptional Experiences for arenaflex Customers in Summerville, SC

Experienced Customer Support Specialist – Home Advisor at arenaflex

Field Office Administrator

Software Developer w Angular - Full Stack ( remote )

Experienced Remote Customer Service Representative – Deliver Exceptional Client Experiences with arenaflex

Experienced Online Chat Assistant – Customer Service Representative – arenaflex

Program Support Specialist