Note: The job is a remote job and is open to candidates in USA. Procter & Gamble is a global leader in consumer goods, and they are seeking a Governance, Risk, and Compliance Director passionate about safeguarding data and shaping the future of cybersecurity. The role involves managing risk, ensuring compliance with regulations, and leading initiatives to enhance the organization's security posture.

Responsibilities

• Maintain and evolve the information security policy framework and controls aligned with industry best practices (e.g., NIST, ISO 27001, CIS)
• Establish and track metrics to measure policy adherence and program maturity
• Drive internal alignment on security roles, responsibilities, and expectations
• Manage the enterprise risk management process including risk identification, analysis, treatment planning, and reporting
• Conduct security risk assessments for internal systems, projects, vendors, and business processes
• Facilitate risk-based decision-making at all levels of the organization
• Ensure ongoing compliance with applicable regulations and frameworks (e.g., GDPR, HIPAA, CCPA, SOX)
• Maintain a library of evidence and documentation to support audit and regulatory needs
• Monitor the effectiveness of IT controls and identify gaps in compliance. Analyze control measurements for negative trends and reoccurrence frequency. Collaborate with internal/external auditors on compliance audits, audit findings, and issue remediation
• Contribute to the continuous improvement of the risk and compliance mindset across P&G. Build IT risk awareness by providing support and training to others
• Collaborate cross-functionally with IT, Legal, Privacy, and Business Operations teams
• Stay up to date with how current events, security focus areas, and the regulatory environment may impact P&G’s compliance processes

Skills

• Bachelor's degree in Computer Science, Computer Systems Engineering, Cybersecurity, Industrial Engineering, Business Management Information Systems, Software Development, or related field
• Prior hands on experience working in a security-focused role, such as Information Security Analyst, SOC Analyst, Security Engineer, etc
• 8+ years of experience in Governance, Risk, and Compliance with a focus on Information Security
• In-depth knowledge of major security frameworks (e.g., NIST CSF, ISO 27001, SOC 2)
• Experience conducting risk assessments, audits, and control testing
• Strong understanding of regulatory compliance requirements (e.g., GDPR, HIPAA, SOX, PCI DSS)
• Proven ability to write policies, manage documentation, and communicate clearly to both technical and non-technical stakeholders
• Ability to influence and build relationships with business unit stakeholders, external service providers, and architecture teams
• The ability to work independently, collaborate, and learn quickly
• English fluency (speak, write, and read)
• Certified in CISSP, ISACA CRISC, CGEIT, CISA, or similar

Benefits

• Salary + bonus (if applicable) + benefits

Company Overview