Director, Governance, Risk & Compliance (GRC)
About Us At WeWork, we provide inspiring and flexible workplace solutions to help businesses small, medium or large thrive in more than 150 cities globally.
The future of work is happening right now, and we are leading this moment.
United by a common purpose, here we will empower tomorrow s world at work.
Join us on our journey as we give our members the freedom and support to push boundaries in their industries, and work to redefine our own.
About The OpportunityWeWork is looking for a Director of Governance, Risk & Compliance (GRC) to join our Information Security team.
This role requires excellent project execution, communication, issue resolution, and organization skills.
You will lead assessments, identify, and communicate & compliance gaps to business partners.
The person in this role will plan, manage and execute risk assessments, lead WeWork s ISO 27001, SOC 2, PCI-DSS, and IT SOX compliance programs, and support multiple simultaneous projects.
This person will play a critical role in further developing our comprehensive strategies and frameworks to expertly manage and mitigate risks, strengthen corporate governance, and ensure compliance with applicable laws, regulations, and industry standards.
The position will report to the Chief Information Security Officer.
must be based out of New York City or San FranciscoThe responsibilities of the Director, Governance, Risk & Compliance (GRC) include:
Identify and evaluate business and technology risks while working cross-functionally with other leads to improve the internal control environment at WeWorkCollaborate with the Information Security teams (Product Security, Enterprise Security, Detection & Response), our CISO, Internal/External Auditors, Regulators, Privacy Counsel and Senior Management to mature the Technology Compliance ProgramWork amongst a team of security & technology compliance professionalsStrategize, direct, manage, and facilitate applicable information security audits and certifications, such as SOC 2, ISO 27001, and PCI-DSS to ensure compliance with applicable regulatory requirements Partner with Internal Audit and translate audit requirements to the business as part of SOX ComplianceExecute technology risk assessments, covering Information Security, infrastructure, networking, IT service management, cloud architecture, data management, etc.
Implement and lead continuous monitoring of internal controlsPerform pre-and post-implementation audits of significant system implementationsTrack issues for compliance gaps and facilitate the implementation of remediation plansPerform technical reviews of new and current technology vendorsSupport customer requests related to information securityRequirements:
Bachelor's or Master's degree in Management Information Systems, Accounting, Engineering, Computer Science, or a related field; however, any combination of experience, education, and certification that demonstrates the candidate can be successful in the position is acceptableExcellent verbal and written communication skills and the ability to interact professionally with a diverse group of executives, managers, and subject matter expertsUnderstanding of SOX, SOC 2, ISO 27001, PCI-DSS and similar regulationsUnderstanding of IT and risk environmentAbility to prioritize, manage multiple projects, and execute in a fast-paced and dynamic environment with a strong work ethic and ownership mentalityOutstanding negotiation, facilitation, and consensus building skillsSelf-motivated and able to work independentlyExperience with executive reporting and presentingPreferred Experience/Skills:
7
years of experience in GRC, IT Audit, Enterprise Risk, Compliance or ConsultingWorking knowledge of cloud applications (AWS preferred)Ability to work in a fast paced and high-pressure environmentTechnical certifications e.
g.
CISM, CISA, CRISC, CISSP are a plus but not requiredCompensation & BenefitsBase Pay:
$161,250 - $215,000Incentive Compensation:
WeWork employees are eligible to participate in an incentive plan specific to their role.
Your recruiter will detail what incentive plan is applicable to this specific role.
WeWork incentive plans are subject to the terms of the applicable incentive compensation plan, which will be made available to you after commencing employment.
WeWork reserves the right to amend its incentive plans, and nothing in this job requisition or any other document creates a right to a specific incentive plan payment.
Benefits:
Full-time employees are eligible for comprehensive benefits (subject to the terms of applicable plans/policies/agreements, which will be made available to you after commencing employment), including 20 days of PTO, approximately 10 paid holidays, 80 hours of paid sick leave, 16 weeks paid parental leave, competitive healthcare benefits, Life & AD&D insurance.
Life At WeWorkBeing a WeWorker is more than just a job.
We believe the magic of work is sparked by the passion you bring, the places you go, the people you meet and the purpose you follow.
And it starts here.
Here you will brush shoulders with those who dare to dream and do.
Here you will be welcomed by a diverse community that embraces and inspires you because together we can achieve more.
Here we challenge ideas, and explore new ways of getting things done.
Whether you are part of our Employee Community Groups, or part of a global project, we ask you to bring your open-minded attitude and collaborative spirit.
In return, you will be part of a team where your unique perspectives are celebrated.
WeWork is proud to be an Equal Employment Opportunity and Affirmative Action employer.
We do not discriminate based upon gender, sexual orientation, marital or civil status, pregnancy (or pregnancy-related conditions), gender identity or expression, transgender status or gender reassignment, race, color, national origin or ancestry, citizenship, religion or religious beliefs, age, physical or mental disability, genetic information (including genetic testing and characteristics), military or veteran status, or any other grounds or characteristic that is protected under the law.
-Brand:
Technology ServicesJob ID:
JR-0059194Employment Type:
Full TimeJob Area:
TechnologyEstimated Salary: $20 to $28 per hour based on qualifications.
The future of work is happening right now, and we are leading this moment.
United by a common purpose, here we will empower tomorrow s world at work.
Join us on our journey as we give our members the freedom and support to push boundaries in their industries, and work to redefine our own.
About The OpportunityWeWork is looking for a Director of Governance, Risk & Compliance (GRC) to join our Information Security team.
This role requires excellent project execution, communication, issue resolution, and organization skills.
You will lead assessments, identify, and communicate & compliance gaps to business partners.
The person in this role will plan, manage and execute risk assessments, lead WeWork s ISO 27001, SOC 2, PCI-DSS, and IT SOX compliance programs, and support multiple simultaneous projects.
This person will play a critical role in further developing our comprehensive strategies and frameworks to expertly manage and mitigate risks, strengthen corporate governance, and ensure compliance with applicable laws, regulations, and industry standards.
The position will report to the Chief Information Security Officer.
must be based out of New York City or San FranciscoThe responsibilities of the Director, Governance, Risk & Compliance (GRC) include:
Identify and evaluate business and technology risks while working cross-functionally with other leads to improve the internal control environment at WeWorkCollaborate with the Information Security teams (Product Security, Enterprise Security, Detection & Response), our CISO, Internal/External Auditors, Regulators, Privacy Counsel and Senior Management to mature the Technology Compliance ProgramWork amongst a team of security & technology compliance professionalsStrategize, direct, manage, and facilitate applicable information security audits and certifications, such as SOC 2, ISO 27001, and PCI-DSS to ensure compliance with applicable regulatory requirements Partner with Internal Audit and translate audit requirements to the business as part of SOX ComplianceExecute technology risk assessments, covering Information Security, infrastructure, networking, IT service management, cloud architecture, data management, etc.
Implement and lead continuous monitoring of internal controlsPerform pre-and post-implementation audits of significant system implementationsTrack issues for compliance gaps and facilitate the implementation of remediation plansPerform technical reviews of new and current technology vendorsSupport customer requests related to information securityRequirements:
Bachelor's or Master's degree in Management Information Systems, Accounting, Engineering, Computer Science, or a related field; however, any combination of experience, education, and certification that demonstrates the candidate can be successful in the position is acceptableExcellent verbal and written communication skills and the ability to interact professionally with a diverse group of executives, managers, and subject matter expertsUnderstanding of SOX, SOC 2, ISO 27001, PCI-DSS and similar regulationsUnderstanding of IT and risk environmentAbility to prioritize, manage multiple projects, and execute in a fast-paced and dynamic environment with a strong work ethic and ownership mentalityOutstanding negotiation, facilitation, and consensus building skillsSelf-motivated and able to work independentlyExperience with executive reporting and presentingPreferred Experience/Skills:
7
years of experience in GRC, IT Audit, Enterprise Risk, Compliance or ConsultingWorking knowledge of cloud applications (AWS preferred)Ability to work in a fast paced and high-pressure environmentTechnical certifications e.
g.
CISM, CISA, CRISC, CISSP are a plus but not requiredCompensation & BenefitsBase Pay:
$161,250 - $215,000Incentive Compensation:
WeWork employees are eligible to participate in an incentive plan specific to their role.
Your recruiter will detail what incentive plan is applicable to this specific role.
WeWork incentive plans are subject to the terms of the applicable incentive compensation plan, which will be made available to you after commencing employment.
WeWork reserves the right to amend its incentive plans, and nothing in this job requisition or any other document creates a right to a specific incentive plan payment.
Benefits:
Full-time employees are eligible for comprehensive benefits (subject to the terms of applicable plans/policies/agreements, which will be made available to you after commencing employment), including 20 days of PTO, approximately 10 paid holidays, 80 hours of paid sick leave, 16 weeks paid parental leave, competitive healthcare benefits, Life & AD&D insurance.
Life At WeWorkBeing a WeWorker is more than just a job.
We believe the magic of work is sparked by the passion you bring, the places you go, the people you meet and the purpose you follow.
And it starts here.
Here you will brush shoulders with those who dare to dream and do.
Here you will be welcomed by a diverse community that embraces and inspires you because together we can achieve more.
Here we challenge ideas, and explore new ways of getting things done.
Whether you are part of our Employee Community Groups, or part of a global project, we ask you to bring your open-minded attitude and collaborative spirit.
In return, you will be part of a team where your unique perspectives are celebrated.
WeWork is proud to be an Equal Employment Opportunity and Affirmative Action employer.
We do not discriminate based upon gender, sexual orientation, marital or civil status, pregnancy (or pregnancy-related conditions), gender identity or expression, transgender status or gender reassignment, race, color, national origin or ancestry, citizenship, religion or religious beliefs, age, physical or mental disability, genetic information (including genetic testing and characteristics), military or veteran status, or any other grounds or characteristic that is protected under the law.
-Brand:
Technology ServicesJob ID:
JR-0059194Employment Type:
Full TimeJob Area:
TechnologyEstimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
