GRC Delivery Manager

Skills:
GRC Frameworks, Service Delivery, RSA Archer, CAMMS, ISO 27001, GRC implementation, MetricStream, Risk Management,

Role Summary

The GRC Delivery Manager will be responsible for leading the planning, execution, and governance of Governance, Risk, and Compliance (GRC) projects and programs across the organization or client accounts.

This role requires deep knowledge of GRC frameworks, tools (e.g., RSA Archer, CAMMS/Riskonnect, MetricStream), and delivery methodologies.

The incumbent will ensure the delivery of high-quality solutions aligned with business objectives, regulatory requirements, and industry best practices.

Key Responsibilities

Strategic Leadership - Develop and lead the GRC delivery strategy aligned to enterprise risk management goals or client business objectives. - Serve as a thought leader and advisor on risk frameworks (ISO 31000, COSO, NIST RMF, NIST CSF, etc.). - Collaborate with business leaders, IT, audit, legal, and compliance teams to integrate GRC solutions.

Program & Project Delivery - Lead the end-to-end delivery of GRC implementations and assessments, ensuring quality, timeliness, and client satisfaction. - Oversee the design and configuration of GRC platforms (RSA Archer, ServiceNow GRC, etc.). - Manage project budgets, timelines, staffing, and risk mitigation plans.

People Management & Mentorship - Lead and mentor a team of GRC consultants, analysts, and project managers. - Build delivery capability through hiring, training, and performance management. - Foster a collaborative, high-performance culture within the GRC delivery team.

Client & Stakeholder Engagement - Act as the senior delivery contact for strategic clients or business units. - Conduct stakeholder meetings, executive briefings, and governance reviews. - Drive account growth by identifying upsell and cross-sell opportunities.

Compliance & Risk Framework Implementation - Ensure compliance with industry regulations (e.g., SOX, HIPAA, GDPR, ISO 27001). - Support the development of enterprise-wide risk and compliance dashboards. - Implement control libraries, policy mapping, and issue management workflows.

Continuous Improvement - Establish and monitor GRC delivery KPIs and SLAs. - Lead post-project reviews and continuous improvement initiatives. - Stay up to date with regulatory changes, risk trends, and GRC platform innovations.

Required Qualifications: -

Bachelors or masters degree in information security, Risk Management, Business Administration, or related field.

1220 years of total experience, with at least 710 years in GRC implementation and leadership.

Proven track record of delivering GRC solutions (Archer, CAMMS/Riskonnect, MetricStream, etc.) across sectors.

Expertise in ISO 27001, ISO 31000, COBIT, NIST, SOX, PCI-DSS, or similar frameworks. - Strong understanding of IT and Cybersecurity controls, audit processes, and compliance mandates.

Excellent communication, stakeholder management, and team leadership skills.

Preferred Certifications: - CISA, CRISC, CISSP, GRCP/GRCA, ISO 27001 Lead Auditor, or TOGAF.

Platform certifications (e.g., RSA Archer Admin, CAMMS/Riskonnect, ServiceNow GRC Implementation Specialist).

Work Environment & Travel: -

This role may require occasional travel to client sites or international offices.

Onsite model depending on organizational setup and client needs.