Company: Qualtrics
Location: Provo, UT
Career Level: Mid-Senior Level
Industries: Technology, Software, IT, Electronics

Description

At Qualtrics, we create software the world's best brands use to deliver exceptional frontline experiences, build high-performing teams, and design products people love. But we are more than a platform—we are the creators and stewards of the Experience Management category serving over 18K clients globally. Building a category takes grit, determination, and a disdain for convention—but most of all it requires close-knit, high-functioning teams with an unwavering dedication to serving our customers.

When you join one of our teams, you'll be part of a nimble group that's empowered to set aggressive goals and move fast to achieve them. Strategic risks are encouraged and complex problems are solved together, by passing the mic and iterating until the best solution comes to light. You won't have to look to find growth opportunities—ready or not, they'll find you. From retail to government to healthcare, we're on a mission to bring humanity, connection, and empathy back to business. Join over 5,000 people across the globe who think that's work worth doing.
Senior Manager, Governance, Risk and Compliance (GRC) - Provo, UT and Reston, VA

Why We Have This Role

Robust governance, risk management, and compliance (GRC) are crucial in today's complex regulatory landscape. The Sr. Manager of GRC is a key leader responsible for driving and managing our security compliance programs, ensuring our organization meets and exceeds stringent standards like FedRAMP and PCI. This role is essential for executing critical compliance activities, managing risk, and promoting a culture of security across the organization. By managing our GRC programs, you will directly contribute to our operational excellence, foster customer trust, and strengthen our market position.

How You'll Find Success

  • Program Management: Manage and execute our GRC programs. You will drive initiatives to streamline processes related to audits, third-party risk management, and security certifications such as FedRAMP High, PCI, and DoD IL4.
  • Strategic Execution: Contribute to the overall GRC strategy and lead the implementation of its roadmap. You will ensure the GRC framework is effectively integrated into our product development lifecycle and corporate operations.
  • Cross-Functional Collaboration: Work closely with Engineering, Legal, Product, and other internal teams to translate GRC requirements into actionable plans. You will foster a collaborative environment to ensure compliance is understood, met, and sustained.
  • Process Improvement and Innovation: Identify and implement continuous improvements for GRC processes. You will find opportunities for automation and apply industry best practices to enhance the efficiency and effectiveness of our compliance activities.

How You'll Grow

  • Influence industry standards by representing the company in key security and compliance working groups and forums.
  • Refine your strategic communication skills through regular interaction with senior leadership, auditors, and key internal stakeholders.
  • Develop your leadership skills by managing and mentoring GRC professionals, guiding their projects and supporting their professional growth.

Things You'll Do

  • Drive our public sector and enterprise readiness by leading the charge on achieving and maintaining critical certifications like FedRAMP High, DoD IL4, and PCI. You will own the end-to-end process, from managing audits to implementing and maturing our continuous monitoring programs.
  • Build and lead the GRC team with an engineering-first philosophy, hiring and mentoring technical-minded professionals who can automate compliance controls and partner directly with developers to solve problems.
  • Embed security and compliance into our DNA. You will act as a key evangelist and partner to Engineering and Product teams, translating complex GRC requirements into actionable plans and fostering a culture where compliance is a natural part of the development lifecycle.
  • Build a scalable, modern GRC function. You will find and remove bottlenecks in our compliance processes, leveraging automation and innovative tools to increase efficiency and provide clear, data-driven insights to leadership through dashboards and reporting.
  • Strengthen our security posture by maturing our third-party risk program. You will evolve how we assess vendor risk, implementing streamlined processes that protect our organization and customers without slowing the business down.
  • Directly enable business growth and build customer trust. You will partner with Sales, Legal, and Product to communicate our security and compliance posture effectively, helping to unblock deals and strengthen our market position as a trusted partner.
  • Translate GRC activities into a clear strategic narrative. You will regularly report on the status and effectiveness of our compliance programs to senior leadership, providing the insights they need to make informed decisions about risk and investment.

What We're Looking For On Your Resume

  • Leadership Experience: Strong experience in managing GRC programs and leading compliance-focused projects, with a demonstrated ability to guide and mentor team members.
  • Technical and Certification Expertise: Extensive hands-on experience with security certifications and control frameworks (e.g., FedRAMP, PCI, SOC 2, ISO 27001) and the ability to manage the associated audit and remediation processes.
  • Strategic Mindset: The ability to translate high-level strategic goals into actionable project plans and execute on them effectively to meet both regulatory obligations and business objectives.
  • Stakeholder Management: Exceptional skill in communicating complex GRC concepts to technical and non-technical audiences and collaborating effectively with internal teams, leadership, and external auditors.

Remember, it's not about how many years you've worked; it's about what you've achieved during that time that counts.

We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates. Please don't hesitate to apply.

What You Should Know About This Team

  • Innovation at Our Core: Our Security Operations team embraces change and thrives on solving complex challenges. We value experimentation, continuous learning, and push the boundaries of conventional security practices.
  • Collaborative Environment: We believe in the power of teamwork and foster open communication across the team and the wider organization. Your ideas will be heard, and your collaboration will be essential.
  • Data-Driven Approach: We rely on data-driven insights to inform our security strategies, measure effectiveness, and continuously improve our posture.
  • Growth Mindset: We are committed to your professional development. You'll have opportunities to expand your expertise, contribute to high-visibility projects, and advance your career in cybersecurity.

Joining our team means stepping into a role that's vital, challenging, and deeply linked to Qualtrics' aim of reshaping industries by harnessing the power of Experience Management and AI.

Our Team's Favorite Perks and Benefits

  • Wellness Reimbursement: $300 per quarter for wellness activities including gym memberships, spa massages, workout equipment, meditation apps, and much more.
  • Experience Bonus: $1800 to be used for an “Experience” of your choosing.
  • Amazing QGroup Communities: MOSAIQ, Green Team, Qualtrics Pride, Q&Able, Qualtrics Salute, and Women's Leadership Development, which exist as places for support, allyship, and advocacy.

The Qualtrics Hybrid Work Model: Our hybrid work model is elegantly simple: we all gather in the office three days a week; Mondays and Thursdays, plus one day selected by your organizational leader. These purposeful in-person days in thoughtfully designed offices help us do our best work and harness the power of collaboration and innovation. For the rest of the week, work where you want, owning the integration of work and life.

Qualtrics is an equal opportunity employer, meaning that all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other protected characteristic.

Applicants in the United States of America have rights under Federal Employment Laws: Family & Medical Leave Act, Equal Opportunity Employment, Employee Polygraph Protection Act

Qualtrics is committed to the inclusion of all qualified individuals. As part of this commitment, Qualtrics will ensure that persons with disabilities are provided with reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please let your Qualtrics contact/recruiter know.

Not finding a role that's the right fit for now? Qualtrics Insiders is the one-stop shop for all things Qualtrics Life. Sign up for exclusive access to content created with you in mind and get the scoop on what we have going on at Qualtrics - upcoming events, behind the scenes stories from the team, interview tips, hot jobs, and more. No spam - we promise! You'll hear from us two times a month max with fresh, totally tailored info - so be sure to stay connected as you explore your best role and company fit.

 

