Job Summary
You will be a hands-on GRC professional who builds, monitors, and improves the frameworks that keep our organization compliant, resilient, and risk-informed.
Success in this role means turning governance into enablement — helping teams move faster by defining clear expectations, automating evidence, and maintaining trust with our customers, auditors, and partners.
At Acrisure, we’re building more than a business, we’re building a community where people can grow, thrive, and make an impact.
Skills & Requirements
Must-have
Information Security Governance Framework
NIST, ISO 27001, SOC 2, PCI-DSS, SOX
Control effectiveness monitoring
Risk assessment and reporting
Audit facilitation and remediation
Vendor security reviews
Nice-to-have
Enablement mindset
Curiosity and precision
Cross-functional collaboration
Clear communication of requirements
Key Requirements
Maintain and evolve Information Security Governance Framework
Map controls across frameworks
Draft and update policies, standards, procedures
Monitor control effectiveness
Identify, assess, report technology and cybersecurity risks
Facilitate risk assessments
Maintain risk register
Produce risk reports and heatmaps
Lead or support audits
Track remediation of findings
Manage vendor security reviews
Oversee security due diligence
Publish dashboards on control health, risk posture, compliance