Senior Manager, Governance, Risk, and Compliance

Please Note:

To provide the best candidate experience with our high application volumes, we limit applications to a total of 10 over 6 months. 

Advancing the World’s Technology Together
Our technology solutions power the tools you use every day--including smartphones, electric vehicles, hyperscale data centers, IoT devices, and so much more. Here, you’ll have an opportunity to be part of a global leader whose innovative designs are pushing the boundaries of what’s possible and powering the future. 

We believe innovation and growth are driven by an inclusive culture and a diverse workforce. We’re dedicated to empowering people to be their true selves. Together, we’re building a better tomorrow for our employees, customers, partners, and communities.

What You’ll Do

We are seeking a dedicated and experienced Senior Manager of Governance, Risk, and Compliance to join our dynamic team at DSA Cyber Security. This strategic role is pivotal in enhancing our cybersecurity framework, driving compliance with critical standards, and managing sophisticated risk assessments and policy governance.

Location: Hybrid, working onsite at our San Jose, CA headquarters 3 days a week, with the flexibility to work remotely the remainder of your time.

Job ID: 42133

Department: DSA Cyber Security

Reports To: Head of DSA Security Group

• Strategically develop, implement, and maintain a comprehensive GRC framework that aligns with global regulatory requirements, including but not limited to CPRA, CMMS, and various NIST standards.
• Lead complex vendor and third-party risk assessments with a focus on advanced threat modeling and mitigation strategist to protect organizational assets and information.
• Continuously review and enhance the organization’s information and physical security policies, ensuring they are robust, current, and compliant with international cybersecurity standards.
• Engage with senior stakeholders across the organization to integrate risk management and compliance into the corporate strategy, ensuring a cohesive approach to security and compliance.
• Collaborate with IT and cybersecurity teams to implement effective risk management practices and promote a culture of compliance across the organization.
• Mentor and develop a high-performing GRC team, fostering a culture of continuous improvement and professional excellence.
• Provide expert guidance on the interpretation and application of regulatory requirements, managing audits and investigations related to compliance issues.
• Prepare and present detailed risk and compliance reports to senior management, offering insights and strategic recommendations.

What You Bring

• Bachelor’s degree with 15+ years of relevant industry experience, or Masters with 13+ years in Information Technology, Cybersecurity, or a related field. A Master’s degree is preferred.
• Minimum of 8 years of experience in a GRC role within a cybersecurity environment, with at least 3 years in a managerial capacity.
• Profound knowledge of CPRA, CMMC, FedRAMP, NIST, and other relevant cybersecurity and privacy standards.
• Proven experience in conducting risk assessments, compliance audits, and reviewing and updating security policies.
• Strong leadership skills and the ability to manage cross-functional teams in a dynamic environment.
• Excellent communication, organizational, and analytical skills.
• Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or similar certifications strongly preferred.
• You’re inclusive, adapting your style to the situation and diverse global norms of our people.
• An avid learner, you approach challenges with curiosity and resilience, seeking data to help build understanding.
• You’re collaborative, building relationships, humbly offering support and openly welcoming approaches.
• Innovative and creative, you proactively explore new ideas and adapt quickly to change.

#LI-KD1

Equal Opportunity Employment Policy 

Samsung Semiconductor takes pride in being an equal opportunity workplace dedicated to fostering an environment where all individuals feel valued and empowered to excel, regardless of race, religion, color, age, disability, sex, gender identity, sexual orientation, ancestry, genetic information, marital status, national origin, political affiliation, or veteran status.

When selecting team members, we prioritize talent and qualities such as humility, kindness, and dedication. We extend comprehensive accommodations throughout our recruiting processes for candidates with disabilities, long-term conditions, neurodivergent individuals, or those requiring pregnancy-related support. All candidates scheduled for an interview will receive guidance on requesting accommodations.

Recruiting Agency Policy

We do not accept unsolicited resumes. Only authorized recruitment agencies that have a current and valid agreement with Samsung Semiconductor, Inc. are permitted to submit resumes for any job openings.

Covid-19 Policy
To help keep our employees, customers, and communities safe, we’ve developed guidelines for our teams. Currently, we encourage vaccination for all employees and may require it depending on job functions (e.g., traveling for business, meeting with customers). While visiting our offices or attending team events, we ask employees to complete a daily health questionnaire and complete a weekly COVID test. Our COVID policies are subject to change depending on public health, regulatory and business circumstances. 

Applicant Privacy Policy
https://semiconductor.samsung.com/us/careers/privacy