Governance Risk and Compliance

**About the Role**:
It’s an exciting time within Olympus as we shape our IT function into a Global IT operating model. As such, we are seeking to appoint a full-time **Governance Risk and Compliance (GRC) Lead** to support the Olympus cybersecurity mission.

Reporting to the **Head of IT Security**, the GRC Lead will be accountable for providing oversight of the GRC Task Area and to ensure effective management, collaboration, and coordination of several key cybersecurity support areas including the following:

- IT Security Strategy and projects
- Policy and Standards Management
- Enterprise Governance, Risk Management, and Compliance Support.
- Security Compliance, Vulnerability, Risk and Vendor Management Services
- Data Privacy Management (General Data Protection Regulation “GDPR”, California Consumer Privacy Act “CCPA”)
- Metrics, KPIs and Dashboard reporting

You will lead the global GRC team, with direct reports in the USA, EMEA, China, Japan and Asia-Pacific, to deliver relevant projects, information and support to the regions.

Setting the evaluation standards of the IT security program, the GRC Lead is accountable for developing governance strategy, establishing governance and quality standards, recommending tools and techniques, providing training and support, ensuring compliance globally to drive business valueand operational efficiencies, and reporting to leadership.

In addition, the GRC Lead will partner with a region and be the key contact for the regional CIO and local business. They will be the point person for coordinating any necessary regional incidents, information security & privacy meetings, ensuring an understanding of local/regional laws and regulations that need to be followed are understood and that any regional needs are addressed appropriately with the Global IT Security team.

Furthermore, your role includes the following responsibilities:

- **Security Architecture** reviews, Security Operations, IT Security Projects, Compliance, Policies, Controls, Standards, Audits, Global/Regional Regulations, IT budget preparations, Board meetings, CxO reviews and presentations, etc.
- **GRC Capability Areas** such as enterprise security risk management, compliance management, policy management, security awareness training, third party risk management, metrics and reporting.
- **Cyber Security** strategy, policies, procedures, reporting
- **Compliance** programs, reviews and reporting, ensuring compliance with the changing laws and applicable regulations.
- **Lead the Global GRC teams**, employees, contractors and vendors including hiring and mentoring. Provide training and mentoring to Security team members.
- **IT Security systems** - Direct and approve the design of IT Security systems, brief the executive team on IT Security status and risks, including taking the role of champion for the overall strategy and necessary budget. Communicate best practices and risks to all parts of the business, outside IT.
- **Regional support** - Ensuring regional teams are appropriately skilled in IT Security, ensuring regional support is available for collaboration with Olympus businesses and MSPs and providing regional support for any security incidents or operational issues
- **Manage the GRC tool** with updated IT risk register, controls, gaps, remediation and reporting. Coordinate and track all information technology and security related audits.
- **Work closely** with other security tower leads to provide guidance and mentorship as well as MSP’s, and business teams to drive towards a cohesive view of security risk and drive open remediation items to closure globally.

**About Olympus**:
Our purpose at Olympus is to **_make peoples’ lives healthier, safer and more fulfilling_**. We do this through innovation. As a technology pioneer, we design and deliver solutions across our Medical division that make a positive contribution to society.

Our products are used to capture the medical and diagnostic images of our world, from the microscopic to the endoscopic. They are instrumental for travelling inside the human body to help diagnose, treat and prevent illness.

Our commitment to customers and our social responsibility is the cornerstone of everything we do.

**Why work at Olympus?**

At Olympus, we are dedicated to fostering a high-performing culture, a collaborative environment, and enabling everyone to shine. Our common values of **_Integrity, Empathy, Long-Term View, Agility _**and**_ Unity_** form the foundation of our culture and guide our behaviour, where our people feel like they are making a difference every single day.

Not only will you benefit from a meaningful, rewarding and challenging career, you will also have access to a range of benefits:

- A competitive salary package + AWS + Variable Bonus
- Hybrid work arrangements.
- Health and Wellbeing initiatives (Annual Medical Check-ups, Flu Vaccinations, Dental benefits, and Employee Assistance Programs)

**What we are looki