Cybersecurity Jobs List logo

Cybersecurity Jobs List

  1. Home
  2. Jobs
  3. United States
  4. Michigan
  5. Grand Rapids
  6. Compliance
  7. GRC Specialist
BO
BCM Onebcmone.com

GRC Specialist

Grand Rapids, Michigan, United States | Herndon, Virginia, United States | Alpharetta, Georgia, United States | Blue Bell, Pennsylvania, United States (Hybrid)Full-time7h ago

BCM One is looking to add a GRC Specialist to our growing global compliance team.  In this role, you will bridge Information Security Governance, Risk & Compliance (GRC) and IT Service Management (ITSM) disciplines to strengthen our global IT operations and compliance posture. The GRC Specialist will work across security, compliance, and service management teams to ensure processes, controls, and IT services meet internal standards, industry regulations, and contractual requirements.  

This role will report to our Global Manager of Info Sec & GRC to support the monitoring, assessing, designing, implementing, and maintaining security processes that align with GRC frameworks.  Additionally, the role will drive operational excellence, audit readiness, and risk mitigation.  You’ll collaborate with teams across global cross-functional teams to ensure consistent service delivery and compliance across our environment.  

Work Location: 

This position may be hybrid or fully remote. Preference will be given to candidates located in or near one of our office locations: Grand Rapids, Michigan; Herndon, Virginia; Alpharetta, Georgia; or Blue Bell, Pennsylvania. Candidates must live in and be authorized to work in the United States; this position is not eligible for relocation or sponsorship.

Hours:

Core hours are typically 8:00 a.m.–5:00 p.m. Eastern Time, with flexibility to support international teams.

Travel:

Travel is unlikely but could include a less than 5 trips per year to international offices.

What You Will Do:

    • Support development, implementation, and maintenance of GRC frameworks (e.g., ISO 27001, SOC 2, GDPR).
    • Conduct risk assessments, control testing, compliance monitoring, and third-party security evaluations.
    • Assist with internal/external audits by preparing evidence, reports, and remediation plans.
    • Maintain documentation of policies, procedures, and controls per global standards.
    • Collaborate with Privacy/Legal on data protection and facilitate privacy impact assessments.
    • Facilitate Business Impact Assessments and oversee Business Continuity testing and updates.
    • Monitor and report on Security GRC metrics to identify risks and improvement opportunities.
    • Support change management to ensure security and compliance with minimal disruption.
    • Coordinate between IT, Security, and Compliance teams to align service delivery with regulatory requirements.
    • Deliver training and awareness programs, including phishing simulations and compliance education.
    • Recommend and implement process improvements to reduce risk and enhance operational efficiency.

    What You Will Need:

    • 5+ years of experience in Security Governance, Risk & Compliance
    • Strong knowledge of GRC frameworks such as ISO 27001, SOC 2, NIST 800-53, CIS Controls, GDPR
    • Proven experience supporting internal and external audits
    • Ability to identify, assess, and prioritize risks using risk-based thinking and sound judgment
    • Skilled at monitoring security and compliance performance through KPIs, SLAs, and OLAs
    • Strong documentation, analytical, organizational skills, and attention to detail
    • Ability to manage multiple priorities and deadlines in a fast-paced, global environment
    • Excellent communication skills, able to explain technical and compliance concepts to non-technical audiences
    • Experience working cross-functionally with IT, security, compliance, and business teams across geographies
    • Familiarity with ITIL processes (incident, problem, change, request, asset/configuration management)
    • Proactive mindset with a commitment to integrity, confidentiality, and continuous learning
    • Preferred: Security/GRC certifications (e.g., CISSP, CRISC, CISA, ISO 27001 Lead Implementer/Auditor, CompTIA Security+)
    • Preferred: Experience with IT Service Management, systems administration, and regulated industries (telecommunications, finance, healthcare)
    • Preferred: Experience working in global, multicultural teams and adapting to diverse cultures

    Who We Are:

    BCM One is a leading telecom provider of NextGen Communications and Managed Services that has been in business for 30 years with more than 18,000 business customers and 5,000 channel partners who rely on our products, services, and teams to support their critical underlying network infrastructure. BCM One is the parent company to our family of brands that includes SIP.US, SIPTRUNK, Flowroute, SkySwitch, and Pure IP.

    Joining the BCM One team is a chance to be part of a financially strong company with an exciting growth story; over the past 4 years we’ve brought together leading companies in our space who have built products, services, and programs to innovate and disrupt our industry. Now, operating under one roof, we are taking BCM One to the next level and looking for talented individuals to help make that happen.


    When you choose to work at BCM One, you get to work with a talented team and build experience with the leading technologies, suppliers, and partners in our industry. We don’t offer cookie-cutter solutions, so the opportunities are endless, and the work is always varied and interesting. We take our mission “to provide a world-class experience with every human interaction” seriously, which means everything you do makes a difference. And we’re committed to building and nurturing a diverse and inclusive workforce and environment that empowers you to do your best work, spread your wings and reach your full potential. At BCM One, we encourage our team to learn something new every day, so you don’t just become part of our growth story, we become part of yours.

    Why BCM One:

    We are committed to creating an environment that fosters accountability, innovation, and teamwork. Many BCM One employees have been with the company for 10+ years, which we think says a lot about our culture.

    We Are a Team

    • We pride ourselves on our team-based approach to providing quality solutions for our clients. BCM One encourages a culture of collaboration, exposing employees to different areas of the business and fostering career growth.
    • We support employee involvement and provide opportunities to be responsible stewards via our BCM One Gives Back Program and our Emergency Fund to help our team members who are going through difficult times.

    Hard Work is Recognized

    • We offer an Employee of the Quarter program with a monetary award and Employee of the Year that includes a 7-day vacation package to the Caribbean. In addition, we host various regional team-building gatherings throughout the year.
    • We believe in developing our team members and offer many opportunities for training, professional development and career growth.

    Your Voice is Heard

    • We empower our team members to speak up and look for opportunities in challenges.
    • We have an Employee Council and a Diversity Equity and Inclusion Committee made up of volunteers from across the company who share a passion for making BCM One a great place to work and find ways to positively impact our communities.

    How we take care of you:

    • Competitive industry salaries
    • Comprehensive medical, dental, and vision insurance
    • Company-provided life and disability insurance
    • Matching 401 (k) plan
    • Employee Emergency Assistance Fund
    • Paid holidays and vacation time
    • FMLA

    BCM One is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by applicable law.

    Categories

    Compliance
    GRC
    Information Security
    IT Audit
    Risk Management

    Skills

    Audit Management
    CIS Controls
    CISA
    CISSP
    CRISC
    GDPR
    GRC
    Information Security
    ISO 27001
    IT Service Management
    ITIL
    NIST 800-53
    Risk Assessment
    SOC 2