
GRC Manager


Date: Aug 2, 2022

Location: Lakewood, CO, US

Company: Terumo BCT, Inc.

Requisition ID:  29576  

 

At Terumo Blood and Cell Technologies, our 7,000+ global associates are proud to come to work each day, knowing that what we do impacts the lives of patients around the world.

 

We make medical devices and related products that are used to collect, separate, manufacture and process various components of blood and cells. With our innovative technologies and service offerings, we touch a patient’s life every second of every day and are committed to continuing to increase the number of patients we serve.

 

With some of the best and brightest minds in the industry, an unmatched global footprint, comprehensive benefits and a distinct culture, Terumo Blood and Cell Technologies is a great place to work, grow and be part of a team that is focused on making a difference. Consider joining our team and unlock your potential. 


 

JOB SUMMARY

The GRC Manager is a key leadership role on our Information Security team. This position is full-time, permanent and salaried with standard work hours; it has supervisory duties and global responsibilities, and requires very little travel.

The GRC Manager will report to the Sr Manager IT Security and Compliance and will function as a central Information Security subject matter expert supporting global enterprise teams, including managing the team supporting the GRC program. They will work within the GRC team to mature the compliance assessment and control requirement program, develop control testing and monitoring capability, and to support the team throughout assessment lifecycles.


ESSENTIAL DUTIES

  • Partner with Business Units to identify, analyze and mitigate risks associated with activities executed throughout the global enterprise.
  • Act as team lead across information security GRC management activities.
  • Supervise teams responsible for assessing, managing, and monitoring compliance risk.
  • Provide compliance and risk consultation for new and ongoing enterprise initiatives.
  • Develop cybersecurity policies, procedures and best practices.
  • Educate and build awareness of compliance requirements across the organization.
  • Improve compliance with security standards and policies across enterprise teams.
  • Participate in testing and monitoring of compliance controls executed by enterprise teams.
  • Lead GRC enhancement projects focused on new or changing technologies.
  • Publish executive-level reporting across compliance activities.
  • Coordinate with privacy/legal to ensure the overall compliance landscape is well understood and the program captures a complete view of our compliance needs.
  • Lead data privacy initiatives – including global privacy regulations/laws.

 

OTHER DUTIES AND RESPONSIBILITIES

  • Provides technical leadership to team members, mentoring staff on the latest technology
  • Supports vendor management as needed

 

MINIMUM QUALIFICATION REQUIREMENTS

 

Education

Bachelor’s degree or, equivalent of education and experience sufficient to successfully perform the essential functions of the job may be considered.

 

Experience

Minimum 5 years' experience, including:

  • Strong understanding of risk mitigation methodologies and regulatory requirements pertaining to information security, privacy, and/or data security.
  • Experience with compliance audits such as J-SOX (SOX), medical device regulations, PCI, and customer audits.
  • Experience developing risk assessments.
  • Experience conducting third-party risk management (BitSight experience a plus).
  • Experience conducting a SOC 2 assessment.
  • Experience conducting internal and external penetration tests and working with third parties to conduct such tests.
  • Experience actively participating in the creation and maintenance of IT/IT Security, GRC, and Operational policies, procedures, standards, and guidelines.
  • Experience working directly with technical and operational teams to develop and implement plans of action to satisfy governance, risk management, and compliance-related concerns.
  • Experience tracking and ensuring successful completion of plans of action.
  • Experience developing mechanisms for measuring the success of GRC programs (KPIs).
  • Experience managing, mentoring, and developing teams.
  • Experience ensuring compliance of systems with global medical device regulations.
  • Access Management experience is a plus.
  • Strong understanding of IT control frameworks such as NIST and ISO.
  • Experience implementing and maintaining a GRC system.

 

Skills

  • Knowledgeable in Project Management and Scaled Agile Framework
  • Self-led Learner
  • Customer First Mentality
  • Strong Adaptability
  • Process Documentation Management
  • Process Mapping Development
  • Strong Presentation Skills
  • Multitasking
  • Communication with Executives
  • Team Leadership
  • Can Interpret Global Regulations and Compliance Requirements
  • Thought Leadership
  • Cross-functional Team Leadership
  • Strategic Thinking and Planning (Team)
  • Brand & Team Ambassador
  • Expert Risk Management Foundation
  • Expert Information Security Foundation
  • Expert Security Control Framework Foundation
  • Advanced Data Privacy Foundation
  • Can Teach/Educate Risk & InfoSec Principles
  • Can Consult Business Leaders on Risk and InfoSec Principles
  • Detailed Knowledge of Most GRC Functions

 

Certificates, Licenses, Registrations

Professional certification (CISA, CRISC, CISM, CIA or similar) is highly desired.

 

 

PHYSICAL REQUIREMENTS

Typical Office Environment requirements include: reading, speaking, hearing, close vision, walking, bending, sitting, and occasional lifting up to 20 pounds.

 

The physical demands described here are representative of those that must be met by an associate to successfully perform the essential duties of this job.  Reasonable accommodations may be made to enable individuals with disabilities to perform the essential duties.

 

 

Target Pay Range:  $120,800.00 to $151,000.00  -  Salary to be determined by the education, experience, knowledge, skills, and abilities of the applicant, internal equity, and alignment with market data
Target Bonus on Base:  15.0%

 

At Terumo Blood and Cell Technologies, we provide competitive total reward offerings that consist of compensation, benefits, recognition, along with a wealth of other well-being, work-life and recognition programs which support in unlocking the potential for you and your family. Included in our expansive list of benefits offerings are multiple group medical, dental and vision plans, a robust wellness program, life insurance and disability coverages, also a variety of voluntary programs such as group accident, hospital indemnity, critical illness, pet insurance and much more. To help you save for retirement, we offer a 401(k) plan with a matching contribution and for work-life balance we have vacation and sick time programs for associates. For us, it’s about protecting the personal welfare of our associates and their families, helping to achieve personal goals and offering those extra touches for convenience, security and overall peace of mind.

 

  • Terumo Blood and Cell Technologies is part of Terumo Group, founded in 1921 and headquartered in Tokyo, Japan.
  • In 2019, Terumo Blood and Cell Technologies reached $1 billion in revenue.
  • We employ nearly 7,000 associates globally, with global headquarters in Lakewood, CO, U.S., and regional headquarters in Brussels, Buenos Aires, Singapore and Tokyo.
  • We manufacture devices, disposable sets and solutions at our facilities in Belgium, India, Japan, Northern Ireland, the U.S. and Vietnam. Our global presence enables us to serve customers in more than 130 countries.
  • Our core values help set our direction, guide our actions and keep us true to our corporate mission of contributing to society through healthcare.
    • Respect – Appreciative of others
    • Integrity – Guided by our mission
    • Care – Empathetic to patients
    • Quality – Committed to excellence
    • Creativity – Striving for innovation
  • We contribute to the Leukemia and Lymphoma Society (LLS), raising $1.3 million USD since 2007.

 

We are proud to be an Equal Opportunity Affirmative Action Employer.  All applicants will be afforded equal opportunity without discrimination because of race, color, religion, sex, gender identity or expression, sexual orientation, marital status, order of protection status, national origin or ancestry, citizenship status, age, physical or mental disability unrelated to ability, military status or an unfavorable discharge from military service.

 

Terumo Blood and Cell Technologies is committed to providing a safe, healthy and secure working environment. Our Colorado campus locations are tobacco-free workplaces and we maintain a drug-free workplace and perform pre-employment substance abuse testing and detailed background verification. Absent accommodation permitted by applicable law, as a condition of employment with Terumo Blood and Cell Technologies in the United States you must be fully COVID-19 vaccinated and provide valid proof of vaccination to the company.

