Director of Governance, Risk Management, and Compliance (GRC)

Boulder, CO / Chicago, IL / Plano, TX / Syracuse, NY /
Sales, Services, Support – Project Management /
Full-Time
Wireless technology now impacts nearly every aspect of daily life around the world.  As the fastest-growing global tech company, JMA designs and delivers cutting-edge wireless technology solutions that modernize how people learn, work, live and play, like never imagined. We power today’s leading industries through next generation software-based 5G, private wireless networks, 5G-ready antennas and connectors, and advanced indoor 5G capabilities — all manufactured in the U.S.  Our headquarters, along with the first-of-its-kind 5G campus are located in Syracuse, NY, with innovative tech hubs around the world. Join our team to shape the future of wireless technology and elevate how people experience the world!    

The Governance, Risk Management, and Compliance (GRC) Director will be based within JMA’s newly formed Solutions Team.  This organization is built around some of industries foremost leaders that have been setting new standards and driving entirely new solutions into the marketplace to enable multiple industry sectors.  To be part of this fast paced, deeply knowledgeable, highly agile team candidates will need to exhibit deep knowledge in their areas of expertise, a natural constant-learner mentality, a hit-the-ground running personality, and an always-on level of interest in technology and the fast-growing wireless industry.  Candidates with specific areas of expertise as well as broad levels of expertise will be considered.
 
Position Overview: The Solutions Governance, Risk Management, and Compliance Director will work closely with key constituents across the company to orchestrate consistent and well documented processes, statements of solutions data protection and cyber security measures, and will be the key point of contact with customer solutions and related agreements on data protection and customer cyber security requirements. Responsibilities require leadership and project management experience, as well as expertise to ensure effective system-wide security analysis; intrusion detection; standards and testing; risk assessment; awareness and education; and development of policies, standards and guidelines.

Responsibilities

    • Coordinate with the company IT organization, product development security experts, legal, and solutions team leadership in the development and implementation of the system-wide risk management function of the information security program to ensure information security risks are identified and monitored, particularly as they relate to requirements demanded by external customers of the company.
    • Internally assess, evaluate and make recommendations to management regarding the adequacy of the security controls, processes, regulations, and procedures as they relate to the company’s external offerings.
    • Orchestrate the system-wide information security compliance program, including IT activities, company products, 3rd party products utilized, and customer solutions and the necessary processes and procedures to meet defined requirements, policies and regulations.
    • Develop and implement effective and reasonable policies and practices to secure protected and sensitive data and ensure information security and compliance with relevant legislation and legal interpretation.
    • Educate and orchestrate a strategy for dealing with increasing number of audits, compliance checks and external assessment processes for internal/external auditors, including PCI DSS, ITAR, CMMP, SOC, NIST 800-171, FISMA and COBIT
    • Interacts in both oral and written communications with all levels of staff in matters related to information security and security awareness materials.
    • Work with internal team members and outside consultants as appropriate on required security assessments and audits
    • Coordinate, track, document all security related audits including scope of audits, areas of involvement, timelines, auditing agencies and outcomes.
    • Must be able to assess company’s solutions hardware, software, and systems for security risks or violations and work with internal teams and technology suppliers to recommend solutions.
    • Develop strategies to address awareness and training for all stakeholders as well as technical solutions. Must be able to assess the status of complex projects as well as identify and implement appropriate corrective measures to resolve issues as they arise. Must have a strong customer orientation and the ability to project that attitude to customers.

Qualifications

    • Knowledge of information security risk management frameworks and compliance practices.
    • Knowledge of securing network technologies, client, and server operating systems.
    • Ability to develop security standards and guidelines based on best practices and industry standards
    • Experience responding to, analyzing, and communicating information security incidents
    • Minimum 5 years of planning and managing security projects
    • Excellent interpersonal, communication, and presentation skills, including formal report writing experience
    • Understanding of common security standards and regulations relating to networking and wireless technology systems (e.g., PCI DSS, FERPA, ISO2700x, etc.)
    • Must be well versed with laws affecting multiple different customer environments, including but not limited to 

Additional Experience a Plus

    • Certified in Risk and Information Systems Control (CRISC)
    • Certified in the Governance of Enterprise IT (CGEIT)
    • Project Management Institute – Risk Management Professional (PMI-RMP)
    • ITIL Expert
    • Certification in Risk Management Assurance (CRMA)
    • GRC Professional (GRCP)
#LI-AC1

JMA offers a total rewards package designed to support your life, both in and outside of work.  When you join our team, you have immediate access to numerous benefits and perks that fit your specific needs. Whether you're looking for employee discounts, financial, legal and/or childcare resources and support, we have you covered! We believe in providing comprehensive health and wellness coverage along with monetary rewards towards health goals, in addition to numerous company-provided personal protection benefits at no additional cost to you. Investing in our employees is our #1 priority.  Are you in?

At JMA Wireless, we don’t just accept differences — we celebrate, support, and thrive on them for the benefit of our employees, our products, and our community. JMA Wireless is proud to be an equal opportunity workplace. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristic.