Senior Governance Risk and Compliance

JoinaHigh-PerformanceCultureThatDrivesInnovationandExcellence AtVertiv ,wedon’tjusthiretalent— wecultivateleaders whodrive innovationandengage teamstopushthelimitsofwhat’spossible.Asagloballeaderincriticaldigital infrastructure ,wearescalinguptomeetthedemandsofAI,datacenters,andnext-gentechnology —andweneedbold,high performingindividualslikeYOUtotakeustothenext level. Why Vertiv? · High-Performance Culture : We empower you to think big, execute with excellence, and deliver impact . Our performance-driven mindset rewards those who challenge the status quo and drive meaningful change. Over 50 CEO Awards are given annually to recognize top talent moving the needle forward. · Leadership Without Limits : Leadership at Vertiv goes beyond just titles—it’s about accountability, trust, and ownership . Our leaders engage and drive with collaboration, innovation, and customer-centric thinking , setting the foundation for an action-focused culture. · Limitless Growth & Learning : We believe in continuous development. Whether through rotational programs or high-impact projects, you’ll have the opportunity to expand your expertise and grow your career. · A Place for Everyone : Our commitment to Inclusion ensures that all employees’ unique strengths and perspectives are valued. Your voice matters, your growth is prioritized, and your success is celebrated. Position Summary The Senior Governance Risk and Compliance (GRC) Analyst is responsible for leading and executing the organization’s governance, risk, and compliance initiatives. This role involves overseeing IT risk assessments, managing third-party risk, supporting and leading audits, driving security and compliance projects, and ensuring alignment with regulatory requirements and internal policies. The position also serves as an escalation point for GRC matters, mentors junior analysts, monitors performance metrics, and contributes to the continuous improvement of the organization’s risk posture. The ideal candidate will have a proven track record in compliance frameworks, audit management, risk advisory, and GRC tools, with strong analytical, leadership, and communication skills. Key Responsibilities Risk Management & Compliance Lead IT risk assessments, mitigation planning, control monitoring, and reporting. Oversee risk documentation, ensuring accuracy and timely updates in coordination with SMEs, business owners, and risk stakeholders. Identify, document, and track risks, issues, and remediation actions, ensuring timely resolution. Monitor GRC dashboards and KPIs to assess compliance status and performance trends. Review and process IT exemption requests via ServiceNow. Third-Party Risk Management (TPRM) Lead third-party security risk assessments and maintain the TPRM program. Analyze assessment results, prepare risk reports, and recommend remediation measures. Coordinate with business owners to manage and remediate risks identified in vendor assessments. Represent the organization in customer/vendor risk reviews, clearly communicating the organization’s security posture. Audit & Regulatory Support Support and lead internal and external audits, including ITGC, ISO 27001, SOC 1, SOC 2, SOC 3, ISAE 3402, and other regulatory engagements. Ensure compliance with frameworks such as ISO 27001:2013/2022, NIST SP 800-53, NIST CSF, COBIT, and applicable data privacy regulations (SOX, HIPAA, GDPR). Collaborate with auditors, business units, and stakeholders to provide evidence, documentation, and process improvements. Security Projects & Controls Development Lead and contribute to the development, enhancement, and monitoring of security controls, policies, and procedures. Identify trends in risk and compliance issues and recommend policy, control, or training improvements. Manage security and compliance projects from initiation to completion, ensuring alignment with organizational goals. Leadership & Collaboration Serve as an escalation point for GRC-related issues. Mentor and coach GRC Analysts, assigning tasks, reviewing deliverables, and ensuring quality outcomes. Collaborate cross-functionally with IT, Legal, Procurement, and other departments to drive GRC objectives. Translate complex technical and regulatory concepts into actionable, business-friendly recommendations. Qualifications Minimum Requirements Bachelor’s degree or equivalent work experience. 5+ years of experience in IT risk assessment, audit support, and security compliance. Strong experience with compliance frameworks (ISO 27001:2013/2022, NIST SP 800-53, NIST CSF, COBIT). Experience with SOC 1, SOC 2, SOC 3, and ISAE 3402 audits and reporting. Proven track record in Third-Party Risk Management (TPRM). Familiarity with data privacy regulations (SOX, HIPAA, GDPR). Proficiency with GRC tools and platforms such as ServiceNow (tickets and CMDB), OneTrust, and SecurityScorecard. Strong analytical, investigative, and problem-solving skills. Effective communicator with experience preparing reports and presenting findings. Strong organizational, time management, and multitasking abilities. Ability to supervise, mentor, and guide junior team members. Preferred Qualifications Professional certifications such as ISO Lead Implementer/Auditor, CISA, or equivalent security credentials. Experience leading cross-functional security and compliance initiatives. Ability to present complex risk concepts to non-technical stakeholders. Demonstrated success in improving organizational risk posture. Education & Certifications Bachelor’s degree or equivalent experience required. ISO, CISA, or other relevant security certifications preferred. Physical Requirements No specific physical requirements. Environmental Demands No specific environmental demands. Travel & Availability On-call availability as required. Willingness to work flexible hours, including weekends, holidays, and nights. The successful candidate will embrace Vertiv’s Core Principals & Behaviors to help execute our Strategic Priorities. OUR CORE PRINCIPALS: Safety. Integrity. Respect. Teamwork. Diversity & Inclusion. OUR STRATEGIC PRIORITIES Customer Focus Operational Excellence High-Performance Culture Innovation Financial Strength OUR BEHAVIORS Think Big and Execute Act With Urgency Own It Drive Continuous Improvement Promote Transparent and Open Communication Learn and Seek Out Development Foster a Customer-First Mindset Lead by Example #J-18808-Ljbffr