Velera Logo

Velera

GRC Program Manager - Remote

Posted Yesterday
Be an Early Applicant
Remote
Hiring Remotely in USA
110K-143K Annually
Senior level
Remote
Hiring Remotely in USA
110K-143K Annually
Senior level
Manage and implement enterprise GRC programs using a GRC tool to enforce cyber laws, standards, and certifications (PCI DSS, NIST, SOC1/2). Oversee attestations, third-party risk, contract reviews, IT audit coordination, KPI reporting, and stakeholder education to mitigate cyber risk and ensure compliance.
The summary above was generated by AI
Join the People Helping People

Velera is the nation’s premier payments credit union service organization (CUSO) and an integrated fintech solutions provider. The company serves more than 4,000 financial institutions throughout North America, operating with velocity to help our clients keep pace with the rapid momentum of change and fuel growth in the new era of financial services. Our purpose: We accelerate partners’ success through innovative financial technology solutions and inspired service.

The Opportunity:

The GRC (Governance, Risk, & Compliance) Program Manager plays a critical role in ensuring the company adheres to applicable cyber laws, regulations and information security policies and standards. The individual will design, implement, and govern cyber risk management and technology compliance activities, collectively as a program.The individual will be responsible for the implementation and optimization of a governance, risk and compliance tool with execution of one or more cyber risk management programs, to include user attestations, third-party risk management, cyber contract administration, IT control testing, and audit coordination. Program functions and duties may include: planning, scheduling, and oversight of internal/external system user attestations across the enterprise; assessing and consulting on third-party cyber risks; review and negotiation of cyber contracts; coordination of IT components of onsite and virtual audits/assessments (e.g., SOC1/2, PCI DSS/NIST CSF, NIST AI RMF), NCUA regulatory examinations and client due diligence reviews. The individual must scope and execute program(s) to ensure the organization meets regulatory requirements and industry standards to mitigate cyber risks and achieve company certification and reporting objectives (e.g., PCI DSS, NIST, SOC1/2).This is an individual contributor role reporting to the VP of Technology Compliance and engaging with internal and external stakeholders to mitigate risk, integrate security measures into business operations, and foster a security-conscious culture.

A Day in the Life:

  • Define program goals, measurable objectives and governance framework
  • Design, scope, and execute program(s) to achieve stated objectives in alignment with business strategies and priorities
  • Perform program functions and duties that may include: planning, scheduling, and oversight of   internal/external system user attestations across the enterprise; assessing and consulting on third-party cyber risks; review and negotiation of cyber contracts; coordination of IT components of onsite and virtual audits/assessments (e.g., SOC1/2, PCI DSS/NIST CSF), NCUA regulatory examinations and client due diligence reviews.
  • Implement and execute assigned program(s) through the use of a GRC tool and in accordance with company reporting and certification deadlines (e.g., PCI DSS, NIST CSF, SOC1/2)
  • Gain support and buy-in by educating employees about program objectives, controls, and their responsibilities in mitigating cyber risks
  • Lead and manage cyber risk management and technology compliance initiatives
  • Interpret and translate cybersecurity and compliance requirements into program design
  • Proactively identify and monitor emerging cybersecurity threats and regulatory landscape; adapt program design, scope, and execution to mitigate risks and comply with new regulation
  • Collaborate and partner with cross-functional business and technology stakeholders at all levels to ensure program objectives are met; work with internal/external auditors, vendors, and clients as required
  • Monitor and assess program governance and effectiveness (e.g., QA reviews, control testing)
  • Define and report on KPIs
  • Identify and implement process improvements to drive program efficiencies, minimize impact to business operations, and enhance user experiences; incorporate Inspired Service elements into program design where possible
  • Perform all other duties as assigned.

Qualifications:

  • Eight (8) years of relevant experience in cyber GRC, technology controls consulting, PCI/NIST CSF assessments, IT internal/external auditing, or cyber risk management.
  • At least five (5) years in a GRC program manager or equivalent role identifying, assessing, and mitigating information security, technology compliance, and cyber risks.
  • Implementation of GRC tool (Optro, Vanta, Drata, OneTrust) and control automation required
  • Experience in Financial Services, Fintech, SaaS environments highly preferred.

  

About Velera

At Velera, inclusion isn’t an initiative – it’s how we work. Guided by a people‑helping‑people philosophy, we cultivate a culture where every employee feels valued, respected and empowered to do their best work. We’re committed to building a diverse workforce and fostering meaningful connection across our teams. Through a remote‑first, flexible environment, we prioritize psychological safety, wellbeing and belonging so individuals and teams can collaborate to thrive. Together, we’re shaping a new era of secure, innovative solutions for the clients and communities we serve. Learn more about what it’s like to work at Velera.

Pay Equity

$110,100.00 - $143,100.00

Actual Pay will be adjusted based on experience and other job-related factors permitted by law.

Great Work/Life Benefits!

  • Competitive wages

  • Medical with telemedicine

  • Dental and Vision

  • Basic and Optional Life Insurance

  • Paid Time Off (PTO)

  • Maternity, Parental, Family Care

  • Community Volunteer Time Off

  • 12 Paid Holidays

  • Company Paid Disability Insurance

  • 401k (with employer match)

  • Health Savings Accounts (HSA) with company provided contributions

  • Flexible Spending Accounts (FSA)

  • Supplemental Insurance

  • Mental Health and Well-being: Employee Assistance Program (EAP)

  • Tuition Reimbursement

  • Wellness program

  • Benefits are subject to generally applicable eligibility, waiting period, contribution, and other requirements and conditions

Velera is an Equal Opportunity Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state or local law.

Velera is an Equal Opportunity Employer that complies with the laws and regulations set forth in the following "EEO is the Law" Poster. Velera will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the legal duty to furnish information.

Velera is an E-Verify Employer. Review the E-Verify Poster here.  For information regarding your Right To Work, please click here.

This role is currently not eligible for sponsorship.

As an ongoing commitment to reasonably accommodate individuals with disabilities please contact a recruiter at [email protected] for assistance.

Similar Jobs

A Minute Ago
Remote
United States
146K-163K Annually
Senior level
146K-163K Annually
Senior level
Healthtech • Social Impact • Software • Telehealth
Partner with Sales, Marketing, and Revenue Operations to evaluate complex deals, build scenario-based topline forecasts, and translate financial data into clear recommendations that inform growth and GTM strategy. Own deal desk analysis, modeling, and executive communications in a fast-paced remote environment.
Top Skills: ExcelGoogle Sheets
25-38 Hourly
Junior
Cloud • Computer Vision • Information Technology • Sales • Security • Cybersecurity
Provide end-to-end support for background checks and onboarding, managing Sterling/First Advantage workflows, coordinating with Global Security and third parties, tracking completion metrics, and delivering an excellent candidate experience. Act as subject matter expert for talent processes, advise stakeholders, handle sensitive information, and assist on related projects.
Top Skills: AIFirst AdvantageServicenowSterlingWorkday
10 Minutes Ago
Remote or Hybrid
Chicago, IL, USA
120K-140K Annually
Senior level
120K-140K Annually
Senior level
Artificial Intelligence • Big Data • Healthtech • Machine Learning • Analytics • Biotech • Generative AI
Own the data partnerships and integrations roadmap for Tempus' data platform: prioritize sources, lead cross-functional squads to onboard and normalize data, define standards (FHIR/HL7/OMOP), ensure quality and compliance (HIPAA), make data discoverable for product and research teams, and measure coverage, freshness, and adoption.
Top Skills: APIsCloud Data PlatformsEltETLFhirHl7IcdLoincOmopRwdRweScriptingSnomedSQL

What you need to know about the Chicago Tech Scene

With vibrant neighborhoods, great food and more affordable housing than either coast, Chicago might be the most liveable major tech hub. It is the birthplace of modern commodities and futures trading, a national hub for logistics and commerce, and home to the American Medical Association and the American Bar Association. This diverse blend of industry influences has helped Chicago emerge as a major player in verticals like fintech, biotechnology, legal tech, e-commerce and logistics technology. It’s also a major hiring center for tech companies on both coasts.

Key Facts About Chicago Tech

  • Number of Tech Workers: 245,800; 5.2% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: McDonald’s, John Deere, Boeing, Morningstar
  • Key Industries: Artificial intelligence, biotechnology, fintech, software, logistics technology
  • Funding Landscape: $2.5 billion in venture capital funding in 2024 (Pitchbook)
  • Notable Investors: Pritzker Group Venture Capital, Arch Venture Partners, MATH Venture Partners, Jump Capital, Hyde Park Venture Partners
  • Research Centers and Universities: Northwestern University, University of Chicago, University of Illinois Urbana-Champaign, Illinois Institute of Technology, Argonne National Laboratory, Fermi National Accelerator Laboratory

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account