Sr Mgr, Information Security & IT GRC

Remote / Online - Candidates ideally in
Reston, Fairfax County, Virginia, 22090, USA
Listing for: Volkswagen Group Services GmbH
Remote/Work from Home position
Listed on 2026-01-13
Job specializations:
  • IT/Tech
    IT Consultant, Cybersecurity, Information Security, IT Project Manager

Volkswagen Financial Services, a wholly‑owned subsidiary of Volkswagen Group, is the trusted key to mobility for its brand partners. We are committed to supporting the Audi, Ducati, and Volkswagen brands and their Dealers, specializing in providing accessible mobility solutions for its Customers. The company’s offerings include Retail Leasing, Retail Financing, Commercial Financing for new and used vehicles, and End‑of‑Term vehicle disposition.

Brief Role Description

This position is Career Level 30L and is Home Based, with a Role Classification of Fully Remote.

Role Summary

The Sr. Manager of Information Security and IT GRC (Governance, Risk and Compliance) serves in a critical and influential leadership position responsible for the planning, oversight and management of the Information Security Program to protect the confidentiality, integrity and availability of corporate and client information. The IT GRC Sr. Manager is responsible for directly managing the enterprise-wide IT GRC team and makes strategic risk‑based decisions enabling the achievement of business objectives and operational excellence.

Leads the team that builds and deploys common governance, risk, and compliance processes and controls, conducts audits, and ensures that technologies and business operations are structured and configured for data protection and compliance. Reporting directly to the CISO and functioning as Deputy CISO, this role owns and maintains the IT compliance program, technology risk assessment program, data governance program, cyber awareness training program, business continuity disaster recovery program and third‑party risk program.

Responsibilities within this Role

Leadership and Management

  • Oversee all activities that address technological governance, risk and compliance
  • Understand, advocate and communicate company objectives, vision and strategy to staff to ensure contribution towards achieving VCI’s goals
  • Develop productive relationships with Business Unit leaders across the organization to influence how applications/technology solutions can enable new sources of value
  • Establish and monitor individual team member objectives and competencies in alignment with Talent Management practices

Information Security and IT GRC Strategy and Delivery

  • Design and develop the enterprise Governance, Risk and Compliance strategy and roadmap that cost‑effectively meets the needs of the business as a whole
  • Oversee and mentor front line managers leading risk assessment processes using internal VW Group and industry standard frameworks and regulatory requirements including ITMS, ITSP2, GISP, NIST CSF, NYDFS, GLBA, FFIEC, CCPA, Quebec Privacy and Financial Services and US and Canadian Privacy Guidelines for Fin Tech Companies
  • Data Governance:
    • Work with stakeholders to ensure data governance activities are effectively carried out and act as a principal stakeholder on data governance committees and working groups
  • IT Compliance:
    • Oversee the team to facilitate and manage Internal and External Audits, including supporting the Business Units with gathering of evidence and coordination of on‑site examinations
    • Direct the IT GRC team to conduct ongoing relationships with information and business owners on security issues and practices, monitoring compliance, and preparing and enforcing policies
  • Vendor & Third-Party Risk:
    • Maintain compliance reporting program and remediation tracking team to convey and influence compliance status of all relevant vendor and third‑party relationships
  • Business Continuity & Disaster Recovery:
    • Develop detailed and holistic incident response plans which include training and exercising developed plans, implementing the use of technology for emergency use and ensuring partnership with internal and external partners
    • Validate IT key systems and services to identify continuity risks, analyze root causes and trends in potential control weaknesses; suggest new controls to meet requirements where applicable
  • Lead collaboration with internal teams to incorporate targeted security centered communications for various platforms and topics
  • Assist in the promotion of a compliance culture that encourages an “open door” policy for staff to seek…