What are the responsibilities and job description for the Manager of IT Security position at Kforce Inc?
Responsibilities
Kforce has a client that is seeking a Senior Manager, IT Security - GRC in Draper, UT. Overview: The Senior Manager, IT Security - GRC is responsible for leading and maturing the organization's cybersecurity governance, risk management, and compliance programs. This role ensures cybersecurity risks are identified, assessed, and communicated effectively while aligning security controls with regulatory, contractual, and business requirements. This individual will partner closely with IT Infrastructure, Security Operations, Legal, Internal Audit, and business stakeholders to enable secure and compliant operations across the enterprise. The role requires the ability to translate complex technical risks into clear business impact for executive leadership. Key Responsibilities: Governance & Program Management:
We offer comprehensive benefits including medical/dental/vision insurance, HSA, FSA, 401(k), and life, disability & ADD insurance to eligible employees. Salaried personnel receive paid time off. Hourly employees are not eligible for paid time off unless required by law. Hourly employees on a Service Contract Act project are eligible for paid sick leave.
Note: Pay is not considered compensation until it is earned, vested and determinable. The amount and availability of any compensation remains in Kforce's sole discretion unless and until paid and may be modified in its discretion consistent with the law.
This job is not eligible for bonuses, incentives or commissions.
Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
By clicking “Apply Today” you agree to receive calls, AI-generated calls, text messages or emails from Kforce and its affiliates, and service providers. Note that if you choose to communicate with Kforce via text messaging the frequency may vary, and message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You will always have the right to cease communicating via text by using key words such as STOP.
Kforce has a client that is seeking a Senior Manager, IT Security - GRC in Draper, UT. Overview: The Senior Manager, IT Security - GRC is responsible for leading and maturing the organization's cybersecurity governance, risk management, and compliance programs. This role ensures cybersecurity risks are identified, assessed, and communicated effectively while aligning security controls with regulatory, contractual, and business requirements. This individual will partner closely with IT Infrastructure, Security Operations, Legal, Internal Audit, and business stakeholders to enable secure and compliant operations across the enterprise. The role requires the ability to translate complex technical risks into clear business impact for executive leadership. Key Responsibilities: Governance & Program Management:
- Lead and mature the enterprise GRC program, including policies, standards, procedures, and metrics
- Align cybersecurity frameworks with industry standards (NIST CSF, ISO 27001, CIS, SOC 2)
- Define and manage risk tolerance, exception management, and control ownership
- Ensure alignment between cybersecurity governance and enterprise risk management (ERM)
- Lead cyber risk assessments, control gap analyses, and third-party risk evaluations
- Maintain enterprise risk register including scoring, remediation tracking, and treatment plans
- Partner with technical and business teams to mitigate, transfer, or accept risk
- Translate technical vulnerabilities into business-impact risk statements
- Manage compliance across regulatory and industry frameworks (SOC 2, ISO, SOX, HIPAA, PCI, privacy)
- Serve as primary liaison for internal/external audits
- Coordinate audit responses, evidence collection, and remediation efforts
- Support customer security assessments, due diligence, and RFP responses
- Monitor regulatory changes and assess impact
- Bachelor's degree in Information Security, IT, Risk, or related field
- 7 years in cybersecurity, risk, compliance, or audit
- 3 years in GRC leadership or senior-level role
- Strong knowledge of NIST CSF, ISO 27001, SOC 2
- Experience managing audits and enterprise risk programs
- Strong communication skills with executive presence
- Certifications: CISSP, CISM, CISA, CRISC, ISO 27001
- Experience with GRC tools (ServiceNow GRC, Archer, Drata, Vanta, OneTrust)
We offer comprehensive benefits including medical/dental/vision insurance, HSA, FSA, 401(k), and life, disability & ADD insurance to eligible employees. Salaried personnel receive paid time off. Hourly employees are not eligible for paid time off unless required by law. Hourly employees on a Service Contract Act project are eligible for paid sick leave.
Note: Pay is not considered compensation until it is earned, vested and determinable. The amount and availability of any compensation remains in Kforce's sole discretion unless and until paid and may be modified in its discretion consistent with the law.
This job is not eligible for bonuses, incentives or commissions.
Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
By clicking “Apply Today” you agree to receive calls, AI-generated calls, text messages or emails from Kforce and its affiliates, and service providers. Note that if you choose to communicate with Kforce via text messaging the frequency may vary, and message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You will always have the right to cease communicating via text by using key words such as STOP.
Salary : $150,000 - $185,000