Cyber GRC Manager

Overview

Here at Discount Tire, we celebrate the spirit of our people with extraordinary pride and enthusiasm. Our business has been growing for more than 60 years and now is the best time in our history to join us. We are opening more locations every year and we are always looking for qualified individuals to join us in our growth. We are a company that promotes from within, both in our retail and corporate operations.

The Cyber Governance, Risk, & Compliance (GRC) Manager provides strategic leadership to the department staff by facilitating an effective enterprise-wide governance, risk, and compliance program that ensures the strategic alignment of information security and broader corporate objectives. This role provides a hands-on leadership that has accountability for identifying, evaluating, reporting, and managing information security risks in ways that meet compliance and regulatory requirements and builds business confidence in the cybersecurity program.

Essential Duties and Responsibilities:

• Provide proactive collaboration with cross-functional stakeholder teams across Discount Tire enterprise operations to ensure alignment and application of practices that both support business goals and meet defined policies and standards for information security.

• Create the GRC strategy, communicate the strategy and vision, drive accomplishments and outcomes that further the strategy in an agile way for security risk assessments, control testing, regulatory or internal audit processes and responses, and risk management strategies.

• Lead the creation and maintenance of a thoughtfully structured risk framework that incorporates qualitative and quantitative aspects, provides visibility and management of cyber risks, and wholly represents cybersecurity risk for the firm.

• Lead the compliance and assurance functions within GRC to continuously evaluate cybersecurity controls to ensure effectiveness, compliance and adherence to key controls and policies and drive remediation efforts through innovative security risk assessment processes, policies, and automation.

• Provide leadership and engage with lines of business and BISOs to perform security assessments and ensure timely execution of projects and program while mitigating any security risks.

• Prescribe security improvements for environments to resolve or mitigate security findings or otherwise enhance security posture to achieve compliance with all security initiatives and comply with industry regulations.

• Oversee exception management and partner with technology and security operations to reduce the number of security findings under exception.

• Foster innovation efforts to increase efficiencies and automate manual processes.

• Manage and develop GRC talent creating opportunities for growth and a high performing team.

• Manage and execute functional tasks and cross-functional initiatives, and work collaboratively with peer leaders to develop and execute GRC program initiatives across multiple teams/functions and programs.

• Tracks key metrics, oversees the preparation of key reports and communications, and may present to governance committees, senior leaders, and regulatory bodies.

• Provides direction and feedback on employee goals and achievements. Conducts performance reviews.

• Communicates clear job expectations, goals and development opportunities to employees.

• Prepares employee development plans. Coaches, counsels and leads department employees.

• Serves as an escalation point for interpersonal and operational employee challenges.

• Monitors department projects to ensure projects are delivered on time, within budget and to agreed quality level. Monitors and adjusts employee workloads.

• Works collaboratively across departments to identify and resolve risks, conflicts and challenges, recommends resolution and implementing process improvements.

• Stays current on the latest industry technologies, trends, and strategies; brings forward solutions and serves as a Trusted Expert.

• Other duties as assigned

Qualifications:

• This position requires a minimum of three years as a Supervisor or Asst Manager in a related role. A minimum of eight years professional experience with Cybersecurity and/or Cyber Risk required.

• Solid understanding of Cyber Risk Management and Strategy frameworks as well as understanding of common enterprise threat scenarios.

• Deep understanding of security controls and alignment to key regulations (examples: NIST, FedRamp, CMMC, SOX).

• Proven ability to cultivate, mentor/manage and motivate a diverse high-performing team of security professionals and set clear priorities to achieve department goals.

• Exceptional critical thinking skills and thought leadership with the ability to quickly comprehend complex problems, draw logical conclusions, make sound decisions, develop solutions, and negotiate and respond accordingly to drive closure. Strong analytical skills with excellent problem-solving ability.

• Articulate communicator and collaborator with the professional confidence and credibility to effectively engage and interact with senior and executive management.

• Ability to take unpopular positions when necessary, influence others to support these decisions, and maintain trust and credibility.

• Proficient in Microsoft Office, including Word, Excel and PowerPoint is needed.

• Excellent analytical, planning and negotiation skills are needed.

• Excellent interpersonal skills with the expert ability to develop strong relationships with key members of both internal and vendor teams.

• Demonstrated business acumen with an expert knowledge and understanding of business issues, priorities, goals, and strategy is necessary.

• Must be highly organized, extremely detail oriented with strong leadership experience. Maintaining confidentiality, treating others with respect and upholding Company values is a key attribute.

Educational Requirements

• Bachelor's degree in a related field or equivalent experience is required.

• Professional certifications are a plus.

Discount Tire provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local law.

#LI-Onsite

#LI-DV1