HiringCafe
Posted 6h ago

Cybersecurity GRC Manager

@ Google Fiber
View All Jobs
United States
$118k-$173k/yrRemoteFull Time
Responsibilities:Own TPRM processes, Automate GRC workflows, Draft executive risk presentations
Requirements Summary:5 years in Third-Party Risk Management; AI-native GRC automation experience; ISO 27001/NIST CSF; CISA/CRISC/CISSP/CISM certifications; Bachelor's in Accounting/Finance/MIS/CS or equivalent.
Technical Tools Mentioned:ISO 27001, NIST CSF, GRC tooling, AI-native automation
Save
Mark Applied
Hide Job
Report & Hide
Job Description

At GFiber, we believe that great internet has the power to drive innovation, strengthen communities, enable the impossible, and do all the everyday things that make all of our world go round. And the job of creating better internet is never done - so we’re growing! Our team is committed to building a place where people who want to make a difference can grow their careers and find their spot to belong.

GFiber is an Alphabet company that brings Google Fiber and Google Fiber Webpass internet services to homes and businesses across the United States. Our teams are expanding as we connect more cities and people to exceptional internet.

The application window will be open until at least May 11, 2026. This opportunity will remain online based on business needs which may be before or after the specified date.

This role is not eligible for immigration sponsorship.

 

The Technology Governance, Risk, and Compliance (GRC) team at GFiber establishes the framework that ensures our technology operations manage risks effectively and align with industry best practices. As GFiber navigates a complex corporate separation, our environment requires agility and an AI-native mindset. We partner across Engineering, Operations, Security, Legal, and other business units to embed GRC principles into our evolving systems. Our work protects GFiber assets and customer trust while accelerating business velocity during this critical transition.

Role Description

In this GRC role, you will take ownership of evolving our Third-Party Risk Management (TPRM) processes and driving tactical automation across the team. We are looking for a highly proactive self-starter who thrives in ambiguity and operates with exceptional agency. You will identify opportunities to integrate AI into daily operations to streamline GRC tooling and workflows. You will also distill complex technical risks into clear executive presentations for senior leadership and the C-suite. Your tenacity and project-driving capabilities will directly enable GFiber to scale securely during our separation.

In this role, you'll:

  • Take full ownership of evolving and maintaining GFiber TPRM processes to optimize our existing tooling platform. Translate complex technical and non-technical risks into actionable insights for diverse stakeholders.
  • Identify and execute tactical opportunities to automate GRC workflows using an AI-native approach. 
  • Apply key cybersecurity frameworks, specifically ISO 27001 and NIST CSF, to manage and mature our risk posture. Act as a proactive project driver by tracking technical inquiries and moving initiatives forward without waiting for direction.
  • Draft clear and effective risk presentations for senior leadership and C-suite executives. 
  • Support M&A and corporate carve-out initiatives by aligning GRC processes with our new operational reality.

At a minimum we'd like you to have:

  • Bachelor's degree in Accounting, Finance, MIS or Computer Science or equivalent practical experience.
  • 5 years of experience building, maintaining, and evolving Third-Party Risk Management programs and processes.
  • Proven ability to design and implement right-sized security controls that balance risk reduction with business velocity and our specific operational environment.
  • Experience taking an AI-native approach to problem solving and tactical automation within security or risk teams.
  • Professional certifications such as CISA, CRISC, CISSP, or CISM.

It's preferred if you have:

  • Experience supporting M&A activity or corporate separations.
  • Proven ability to draft and deliver presentations directly to C-suite executives and senior leadership.
  • Familiarity with scaling GRC practices outside of legacy parent structures.
  • Demonstrated track record of high agency and proactive project execution in fast-paced environments.
  • Written and verbal communication skills with the ability to articulate risk clearly to varied audiences.

 

The US base salary range for this full-time position is between $117,600 - $172,500 + bonus + cash award + benefits. As pay varies by location, your recruiter will share more about the specific salary range for your targeted location during the hiring process.

 

#LI-DNI

GFiber is committed to equal opportunity employment regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, gender identity, age, citizenship, marital status, disability or Veteran status. Disclosure is voluntary, and this information will be kept confidential in compliance with Google's Candidate Privacy Policy. For more information please refer to our Equal Employment Opportunity Policy and the EEOC's "Know your rights: workplace discrimination is illegal" (PDF)

It's important to us to create an accessible, inclusive workplace for everyone. If you have a need that requires accommodation, please let us know by completing our accommodations for applicants form. Our candidate accommodations team will then connect with you to confidentially discuss your options.