GRC Manager
symmetrio
Philadelphia, United States
October 30, 2025
Description

Symmetrio is seeking a GRC Manager to support a large enterprise organization. In this hands-on leadership role, you'll be responsible for developing and implementing a governance, risk, and compliance (GRC) framework across policy, audit, and risk management functions. The ideal candidate will bring structure to complexity, translating regulatory requirements into actionable processes that enhance visibility, accountability, and cybersecurity readiness. This position requires a strong mix of strategic vision and operational execution, with an emphasis on workflow design, risk modeling, and policy alignment.

This is a hybrid position requiring on-site presence in Philadelphia two to three days per week. The salary range for this role is $105,000 to $140,000, based on experience.

Responsibilities

- Lead the design, development, and rollout of an enterprise-wide GRC solution, aligning program objectives with policy, audit, and risk requirements.
- Develop and implement integrated workflows for:
  - Policy Management: Oversee document lifecycle, approval processes, and retention schedules.
  - Audit & Compliance: Establish control assignment models, streamline evidence collection, automate testing, and manage exception handling.
  - Risk Management: Build risk-to-control mappings, establish prioritization frameworks, and track Plans of Action and Milestones (POAMs).
- Develop and refine vendor risk scoring models to enhance third-party oversight and accountability.
- Create and standardize templates, forms, and dashboards for system inventories, POAMs, and compliance documentation.
- Lead the development and maintenance of a Security Minimum Baseline, ensuring regulatory alignment and cybersecurity readiness.
- Review and cross-map security policies against frameworks such as HIPAA, CJIS, IRS Pub 1075, and PCI DSS.
- Collaborate with IT, audit, and information security teams to integrate GRC workflows with existing enterprise platforms (e.g., ServiceNow, Archer, or similar).
- Analyze audit findings, identify control gaps, and drive corrective actions that strengthen compliance posture and operational resilience.

Requirements

- 5+ years of experience in governance, risk, and compliance, IT audit, or cybersecurity program management.
- Proven success implementing or managing enterprise-level GRC frameworks or platforms.
- Strong understanding of NIST, ISO 27001, FISMA, and FedRAMP standards and control structures.
- Skilled in policy development, control documentation, and regulatory interpretation.
- Excellent communication and collaboration abilities with cross-functional teams.

Preferred

- Experience with ServiceNow GRC, RSA Archer, or similar tools.
- Background supporting regulated enterprise or public sector environments.
- Certifications such as CISSP, CRISC, CISA, or CGEIT.
- Familiarity with risk quantification models and compliance automation.

Benefits

- Health Care Plan (Medical, Dental & Vision)
- 401k Retirement Plan (4% match)
- Paid Time Off (Vacation, Sick & Public Holidays)