PSCU Financial Services

GRC Program Manager - Remote

PSCU Financial Services$110K — $143K *
US-AnywhereRemote in United States
Finance & Insurance
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • 8+ years in cyber GRC, technology controls consulting, and IT auditing or risk management.
  • 5+ years in a GRC program manager or similar role with a focus on risk mitigation.
  • Experience with tracking and implementation of GRC tools like Optro, Vanta, or OneTrust.
  • Familiarity with PCI and NIST CSF assessments is essential.
  • Background in Financial Services, Fintech, or SaaS environments is preferred.

Responsibilities

  • Define program goals and governance frameworks for compliance and risk management.
  • Design and execute compliance programs aligning with business objectives.
  • Oversee planning and scheduling of user attestations across the enterprise.
  • Assess and consult on third-party cyber risks and negotiate related contracts.
  • Coordinate IT aspects of audits and assessments, ensuring compliance with frameworks such as SOC1/2 and PCI DSS.
  • Educate employees on risk mitigation roles and program objectives to gain support.
  • Adapt programs to handle emerging cybersecurity threats and regulatory changes.

Benefits

  • Competitive wages
  • Medical coverage including telemedicine
  • Dental and vision insurance
  • Paid Time Off (PTO) and community volunteer time
  • Maternity and parental leave
  • 401k plan with employer matching
  • Mental health and wellness support programs
Full Job Description

The Opportunity:

The GRC (Governance, Risk, & Compliance) Program Manager plays a critical role in ensuring the company adheres to applicable cyber laws, regulations and information security policies and standards. The individual will design, implement, and govern cyber risk management and technology compliance activities, collectively as a program.The individual will be responsible for the implementation and optimization of a governance, risk and compliance tool with execution of one or more cyber risk management programs, to include user attestations, third-party risk management, cyber contract administration, IT control testing, and audit coordination. Program functions and duties may include: planning, scheduling, and oversight ofinternal/external system user attestations across the enterprise; assessing and consulting on third-party cyber risks; review and negotiation of cyber contracts; coordination of IT components of onsite and virtual audits/assessments (e.g., SOC1/2, PCI DSS/NIST CSF, NIST AI RMF), NCUA regulatory examinations and client due diligence reviews. The individual must scope and execute program(s) to ensure the organization meets regulatory requirements and industry standards to mitigate cyber risks and achieve company certification and reporting objectives (e.g., PCI DSS, NIST, SOC1/2).This is an individual contributor role reporting to the VP of Technology Compliance and engaging with internal and external stakeholders to mitigate risk, integrate security measures into business operations, and foster a security-conscious culture.

A Day in the Life:

  • Define program goals, measurable objectives and governance framework
  • Design, scope, and execute program(s) to achieve stated objectives in alignment with business strategies and priorities
  • Perform program functions and duties that may include: planning, scheduling, and oversight of internal/external system user attestations across the enterprise; assessing and consulting on third-party cyber risks; review and negotiation of cyber contracts; coordination of IT components of onsite and virtual audits/assessments (e.g., SOC1/2, PCI DSS/NIST CSF), NCUA regulatory examinations and client due diligence reviews.
  • Implement and execute assigned program(s) through the use of a GRC tool and in accordance with company reporting and certification deadlines (e.g., PCI DSS, NIST CSF, SOC1/2)
  • Gain support and buy-in by educating employees about program objectives, controls, and their responsibilities in mitigating cyber risks
  • Lead and manage cyber risk management and technology compliance initiatives
  • Interpret and translate cybersecurity and compliance requirements into program design
  • Proactively identify and monitor emerging cybersecurity threats and regulatory landscape; adapt program design, scope, and execution to mitigate risks and comply with new regulation
  • Collaborate and partner with cross-functional business and technology stakeholders at all levels to ensure program objectives are met; work with internal/external auditors, vendors, and clients as required
  • Monitor and assess program governance and effectiveness (e.g., QA reviews, control testing)
  • Define and report on KPIs
  • Identify and implement process improvements to drive program efficiencies, minimize impact to business operations, and enhance user experiences; incorporate Inspired Service elements into program design where possible
  • Perform all other duties as assigned.

Qualifications:

  • Eight (8) years of relevant experience in cyber GRC, technology controls consulting, PCI/NIST CSF assessments, IT internal/external auditing, or cyber risk management.
  • At least five (5) years in a GRC program manager or equivalent role identifying, assessing, and mitigating information security, technology compliance, and cyber risks.
  • Implementation of GRC tool (Optro, Vanta, Drata, OneTrust) and control automation required
  • Experience in Financial Services, Fintech, SaaS environments highly preferred.

Pay Equity

$110,100.00 - $143,100.00

Actual Pay will be adjusted based on experience and other job-related factors permitted by law.

Great Work/Life Benefits!

  • Competitive wages

  • Medical with telemedicine

  • Dental and Vision

  • Basic and Optional Life Insurance

  • Paid Time Off (PTO)

  • Maternity, Parental, Family Care

  • Community Volunteer Time Off

  • 12 Paid Holidays

  • Company Paid Disability Insurance

  • 401k (with employer match)

  • Health Savings Accounts (HSA) with company provided contributions

  • Flexible Spending Accounts (FSA)

  • Supplemental Insurance

  • Mental Health and Well-being: Employee Assistance Program (EAP)

  • Tuition Reimbursement

  • Wellness program

  • Benefits are subject to generally applicable eligibility, waiting period, contribution, and other requirements and conditions

About PSCU Financial Services

PSCU Financial Services is a credit union service organization that provides financial services to credit unions and their members. The company offers a range of services, including credit, debit, and prepaid card processing, online and mobile banking, fraud detection and prevention, loyalty programs, and more. PSCU Financial Services serves over 900 credit unions and their 2.4 million members across the United States. The company has been recognized as one of the top credit union service organizations in the country.
Learn more about PSCU Financial Services
Size
2,000 employees
Industry
Founded
1977

Similar Jobs

More Jobs at PSCU Financial Services

More Finance & Insurance Jobs

Find similar GRC Program Manager - Remote jobs: