
VP/IT GRC Manager
Job Code: HBC 25-46
Job Summary:
The IT GRC Manager will be responsible for ensuring the effectiveness and efficiency of the Heritage Bank of Commerce’s IT control environment. This role involves assessing, monitoring, and reporting on the adequacy of IT controls related to information systems, technology infrastructure, data management, and cybersecurity. The IT GRC Manager collaborates with various departments to identify risks, implement control measures, and promote compliance with regulatory requirements and industry best practices.
Pay Range: Base compensation is dependent upon role, experience, and skill set. Min: $102,960/yr; Max: $171,600/yr
Primary Responsibilities:
- Continuous Improvement:
  - Conduct security risk assessments, including vendor risk assessments, identifying security gaps, recommending remediation measures, and coordinating with relevant teams to mitigate risks.
  - Perform reviews of the IT control environment and update periodic review processes to ensure that all process/procedure updates, as required by operational or regulatory changes, are incorporated into the program documentation and review processes.
  - Coordinate with third-party technology service providers and internal engineers to perform periodic health checks of cybersecurity software running in our environment to identify opportunities for improvement.
  - Stay informed about emerging technologies and industry best practices to identify opportunities for innovation and process optimization.
- Collaborate with internal and external stakeholders:
  - Coordinate with internal and external auditors and regulatory examiners during audits and examinations, providing necessary documentation and support.
  - Stay updated on industry trends, emerging technologies, and regulatory changes related to IT controls to provide expert-level support to IT Operations Managers.
- Data Protection and Cybersecurity:
  - Support the development and management of data protection initiatives (e.g. data classification, retention, destruction) working with cross-functional departments.
  - Collaborate with IT and Information Security to identify and address cybersecurity risks and vulnerabilities, leading to the timely documentation and remediation of issues.
  - Monitor regulatory changes and industry trends to ensure the organization remains in compliance and proactive in addressing emerging IT risks.
- Reporting:
  - Support the development, collection and creation of reports, operational dashboards, Key Performance Indicators, and accomplishments to provide data and information to IT Leaders and other stakeholders.
- Policies and Procedures:
  - Collaborate with relevant stakeholders to develop IT control requirements, policies and procedures that align with regulatory requirements and industry best practices and establish effective control mechanisms.
  - Provide guidance to HBC employees on IT control policies and procedures to ensure understanding and compliance.
  - Update and revise control policies and procedures as necessary to address emerging risks and changing regulatory landscapes.
  - Maintain organization of IT policies and procedures.
- Perform all other duties and special projects as assigned.
Qualifications:
- Bachelor's degree.
- A demonstrated record of success with 4+ years of experience in IT Audit and/or IT GRC.
- Relevant security and IT certifications are a plus.
- Strong knowledge of IT control frameworks, regulatory requirements, and industry standards.
- Expert-level knowledge of cybersecurity best practices, information security regulations, and data protection principles.
- Strong written and verbal communication skills to create and modify IT policies and procedures and to interact effectively with all levels of management.
- Proven time management and problem-solving skills.
- Masterful in analysis, problem solving and decision making with a substantial focus on attention to detail and accuracy.
- Demonstrates initiative and the ability to work in an autonomous manner.
Compliance Responsibilities:
The employee is responsible for ensuring compliance with all aspects of job-related laws and regulations and must maintain current compliance knowledge by attending compliance-related training seminars and staff meetings and by reading pertinent compliance-related materials.
Job-related laws and regulations include, but are not limited to, the following: Bank Secrecy Act (BSA); Office of Foreign Assets Control (OFAC); Vendor Management; Information and Data Security; and SEC regulations related to corporate governance and disclosure.
Heritage Bank of Commerce is an Equal Opportunity Employer committed to diversity and inclusion. We do not discriminate on the basis of race, color, ethnicity, religion, sex, sexual orientation, gender identity, national origin, marital status, genetic information, disability, Veteran status, or any other characteristic protected by Federal, state or local laws.