Manager of IT Security

Kforce Inc

Draper, UT

JOB DETAILS
SKILLS
Communication Skills, Computer Security, Contract Requirements, Customer Support/Service, Due Diligence, External Audit, Gap Analysis, HIPAA (Health Insurance Portability and Accountability Act), ISO (International Organization for Standardization), Industry Standards, Information Technology & Information Systems, Internal Audit, Internet Security, Leadership, Legal, Maintain Compliance, Management of Information Systems/Technology (MIS), Metrics, Monitor Regulations, Operations Security (OPSEC), PCI, Project/Program Management, Regulations, Request for Proposals (RFP), Risk, Risk Analysis, Risk Management, Sarbanes-Oxley Act (SOX), Security Analysis, Security Monitoring, Treatment Plan, U.S. National Institute of Standards and Technology (NIST)
LOCATION
Draper, UT
POSTED
30+ days ago

Kforce has a client that is seeking a Senior Manager, IT Security - GRC in Draper, UT.

Overview: The Senior Manager, IT Security - GRC is responsible for leading and maturing the organization's cybersecurity governance, risk management, and compliance programs. This role ensures cybersecurity risks are identified, assessed, and communicated effectively while aligning security controls with regulatory, contractual, and business requirements.

This individual will partner closely with IT Infrastructure, Security Operations, Legal, Internal Audit, and business stakeholders to enable secure and compliant operations across the enterprise. The role requires the ability to translate complex technical risks into clear business impact for executive leadership.

Key Responsibilities: Governance & Program Management:

  • Lead and mature the enterprise GRC program, including policies, standards, procedures, and metrics
  • Align cybersecurity frameworks with industry standards (NIST CSF, ISO 27001, CIS, SOC 2)
  • Define and manage risk tolerance, exception management, and control ownership
  • Ensure alignment between cybersecurity governance and enterprise risk management (ERM)

Risk Management:

  • Lead cyber risk assessments, control gap analyses, and third-party risk evaluations
  • Maintain enterprise risk register including scoring, remediation tracking, and treatment plans
  • Partner with technical and business teams to mitigate, transfer, or accept risk
  • Translate technical vulnerabilities into business-impact risk statements

Compliance & Assurance:

  • Manage compliance across regulatory and industry frameworks (SOC 2, ISO, SOX, HIPAA, PCI, privacy)
  • Serve as primary liaison for internal/external audits
  • Coordinate audit responses, evidence collection, and remediation efforts
  • Support customer security assessments, due diligence, and RFP responses
  • Monitor regulatory changes and assess impact

About the Company

K

Kforce Inc

Kforce is a solutions firm specializing in technology, finance and accounting, and professional staffing services. Our KNOWLEDGEforce® empowers top companies to achieve their digital transformation goals. We curate teams of technical experts who deliver solutions custom-tailored to each client’s needs. These scalable, flexible outcomes are shaped by deep market knowledge, thought leadership and our multi-industry expertise.

 

Our integrated approach is rooted in 60 years of proven success deploying highly skilled professionals on a temporary and direct-hire basis. Each year, approximately 18,000 talented experts work with the Fortune 500 and other leading companies. Together, we deliver Great Results Through Strategic Partnership and Knowledge Sharing®.

COMPANY SIZE
1,000 to 1,499 employees
INDUSTRY
Financial Services
FOUNDED
1962
WEBSITE
http://www.kforce.com/