Information Security - Governance, Risk, and Compliance (GRC) Director (Remote)
Company: Procter & Gamble
Location: Cincinnati
Posted on: January 2, 2026
Job Description:
Information Technology at Procter & Gamble is where business,
innovation and technology integrate to build a competitive
advantage for P&G. Our mission is clear: we deliver IT to help
P&G win with the over 5 billion consumers we serve worldwide.
Our IT professionals are diverse business leaders who apply IT
expertise to deliver innovative, tech-focused business models and
capabilities for our 65 iconic, trusted brands. From Day 1, you’ll
be trusted to dive right in, take the lead, use your initiative,
and build billion-dollar brands that help make everyday activities
easier and make the world a better place! Our company offers
purposeful work that will take your career places you never
envisioned, in creative workspaces where innovation thrives and
where your technical expertise is recognized and rewarded.

The Opportunity

P&G is seeking a Governance, Risk, and Compliance Director
passionate about safeguarding data, enabling business through smart
risk management, and shaping the future of cybersecurity. The IT
Governance, Risk, and Compliance (GRC) Organization at Procter &
Gamble is responsible for risk identification, assessment, and
remediation across the IT landscape, as well as driving automated
governance and compliance breakthroughs. As the GRC expert, you’ll
play a critical role in maturing and maintaining the security risk
and compliance posture of our organization. You will lead
initiatives that align our security program with business goals,
ensure regulatory and policy compliance, and creatively solve
problems to manage risk for the company.

Responsibilities:

Governance:
- Maintain and evolve the information security policy framework and
  controls aligned with industry best practices (e.g., NIST, ISO
  27001, CIS).
- Establish and track metrics to measure policy adherence and
  program maturity.
- Drive internal alignment on security roles, responsibilities, and
  expectations.

Risk Management:
- Manage the enterprise risk management process including risk
  identification, analysis, treatment planning, and reporting.
- Conduct security risk assessments for internal systems, projects,
  vendors, and business processes.
- Facilitate risk-based decision-making at all levels of the
  organization.

Compliance:
- Ensure ongoing compliance with applicable regulations and
  frameworks (e.g., GDPR, HIPAA, CCPA, SOX).
- Maintain a library of evidence and documentation to support audit
  and regulatory needs.
- Monitor the effectiveness of IT controls and identify gaps in
  compliance.
- Analyze control measurements for negative trends and reoccurrence
  frequency.
- Collaborate with internal/external auditors on compliance audits,
  audit findings, and issue remediation.

Awareness & Enablement:
- Contribute to the continuous improvement of the risk and
  compliance mindset across P&G.
- Build IT risk awareness by providing support and training to
  others.
- Collaborate cross-functionally with IT, Legal, Privacy, and
  Business Operations teams.
- Stay up to date with how current events, security focus areas, and
  the regulatory environment may impact P&G’s compliance processes.

Estimated Percent of Time Spent on Work:
- 25% - Risk identification, analysis, and assessment
- 40% - Plan and drive enterprise-wide initiatives to reduce risk
  and improve compliance across the organization
- 25% - Assess and improve the effectiveness of IT controls and
  compliance across the enterprise
- 10% - Collaboration with internal/external auditors, driving a
  risk-aware compliance mindset

Keywords: Procter & Gamble, Cincinnati, Information Security - Governance, Risk, and Compliance (GRC) Director (Remote), IT / Software / Systems, Cincinnati, Ohio