Senior Principal, IT Governance, Risk and Compliance; GRC

Please use Google Chrome or Mozilla Firefox when accessing Candidate Home.

By joining the American Red Cross you will touch millions of lives every year and experience the greatness of the human spirit at its best. Are you ready to be part of the world’s largest humanitarian network?

Join us—Where your Career is a Force for Good!

Joining The American Red Cross is like nothing else – it’s as much something you feel as something you do. You become a vital part of the world’s largest humanitarian network. Joining a team of welcoming individuals who are exceptional, yet unassuming. Diverse, yet uncompromising in unity. You grow your career within a movement that matters, where success is measured in people helped, communities made whole, and individuals equipped to never stop changing lives and situations for the better.

When you choose to be a force for good, you’ll have mentors who empower your growth along a purposeful career path. You align your life’s work with an ongoing mission that’s bigger than all of us. As you care for others, you’re cared for with competitive compensation and benefits. You join a community that respects who you are away from work as much as what you do while at work.

As the Senior Principal, IT Governance, Risk and Compliance (GRC), you will be primarily responsible for supporting the delivery of a successful governance, risk, and compliance (GRC) program at the American Red Cross.

You will design, implement, and monitor a comprehensive IT policy and control framework, supporting mission‑critical business systems and processes leveraging the Red Cross Service Now platform for Integrated Risk Management. This framework will meet minimum requirements including NIST 800‑53, NIST 800‑171, and best practices in IT governance, security, risk, and compliance. Working closely with key stakeholders and cross‑functional colleagues, you will advise on the design and execute assessments to identify areas of improvement.

You will also work with IT and business leadership to remediate any gaps as a first line of defense.

The primary focus of this position will be serving as the key liaison and coordination point between IT/Business teams and Internal Audit to ensure alignment, transparency, and effective execution of audit‑related activities. This role will drive collaboration across teams to support audit readiness, remediation efforts, and continuous improvement of IT controls. In addition, the position will contribute to maturing the American Red Cross GRC program through process optimization, policy development, automation, training, and ongoing enhancement of governance capabilities.

This is a unique opportunity to combine IT, audit, and process improvement expertise while working closely with leaders across IT, Information Security, Internal Audit, Finance, and the Office of General Counsel (OGC).

The work location for this exciting opportunity is virtual. The selected candidate will work 100% remotely from home and can be located anywhere in the United States with a preference to work East Coast hours.

• Serve as the primary IT audit liaison, ensuring clear communication, efficient evidence collection, and timely resolution of audit inquiries across technology and business teams
• Work with Internal and External auditors, business stakeholders and suppliers as appropriate on required IT control assessments and audits
• Provide first level of support and consulting to the business and IT on internal audit activities and results as well as risk mitigation initiatives in response to audit findings
• Manage overall remediation process and create and oversee action plans to remediate issues
• Ensure audit readiness by proactively identifying control weaknesses and coordinating pre‑audit walkthroughs, evidence validation, and test preparation

• Assist the Director, IT Governance, Risk, and Compliance and Senior Director, IT Governance, Risk and Compliance with IT governance and controls, internal and external…