Information Security - Governance, Risk, and Compliance (GRC) Director (Remote)
Company: Procter & Gamble
Location: Cincinnati
Posted on: March 11, 2026
Job Description:
Job Location: CINCINNATI GENERAL OFFICES

Information Technology at Procter & Gamble is where business, innovation and technology integrate to build a competitive advantage for P&G. Our mission is clear: we deliver IT to help P&G win with the over 5 billion consumers we serve worldwide. Our IT professionals are diverse business leaders who apply IT expertise to deliver innovative, tech-focused business models and capabilities for our 65 iconic, trusted brands. From Day 1, you’ll be trusted to dive right in, take the lead, use your initiative, and build billion-dollar brands that help make everyday activities easier and make the world a better place! Our company offers purposeful work that will take your career places you never envisioned, in creative workspaces where innovation thrives and where your technical expertise is recognized and rewarded.

The Opportunity:
P&G is seeking a Governance, Risk, and Compliance Director passionate about safeguarding data, enabling business through smart risk management, and shaping the future of cybersecurity. The IT Governance, Risk, and Compliance (GRC) Organization at Procter & Gamble is responsible for risk identification, assessment, and remediation across the IT landscape, as well as driving automated governance and compliance breakthroughs. As the GRC expert, you’ll play a critical role in maturing and maintaining the security risk and compliance posture of our organization. You will lead initiatives that align our security program with business goals, ensure regulatory and policy compliance, and creatively solve problems to manage risk for the company.

Responsibilities:

Governance:
- Maintain and evolve the information security policy framework and controls aligned with industry best practices (e.g., NIST, ISO 27001, CIS).
- Establish and track metrics to measure policy adherence and program maturity.
- Drive internal alignment on security roles, responsibilities, and expectations.

Risk Management:
- Manage the enterprise risk management process including risk identification, analysis, treatment planning, and reporting.
- Conduct security risk assessments for internal systems, projects, vendors, and business processes.
- Facilitate risk-based decision-making at all levels of the organization.

Compliance:
- Ensure ongoing compliance with applicable regulations and frameworks (e.g., GDPR, HIPAA, CCPA, SOX).
- Maintain a library of evidence and documentation to support audit and regulatory needs.
- Monitor the effectiveness of IT controls and identify gaps in compliance.
- Analyze control measurements for negative trends and reoccurrence frequency.
- Collaborate with internal/external auditors on compliance audits, audit findings, and issue remediation.

Awareness & Enablement:
- Contribute to the continuous improvement of the risk and compliance mindset across P&G.
- Build IT risk awareness by providing support and training to others.
- Collaborate cross-functionally with IT, Legal, Privacy, and Business Operations teams.
- Stay up to date with how current events, security focus areas, and the regulatory environment may impact P&G’s compliance processes.

Estimated Percent of Time Spent on Work:
- 25% - Risk identification, analysis, and assessment
- 40% - Plan and drive enterprise-wide initiatives to reduce risk and improve compliance across the organization
- 25% - Assess and improve the effectiveness of IT controls and compliance across the enterprise
- 10% - Collaboration with internal/external auditors, driving a risk-aware compliance mindset

Job Qualifications

Required:
- Bachelor's degree in Computer Science, Computer Systems Engineering, Cybersecurity, Industrial Engineering, Business Management Information Systems, Software Development, or related field
- Prior hands-on experience working in a security-focused role, such as Information Security Analyst, SOC Analyst, Security Engineer, etc.
- 8 years of experience in Governance, Risk, and Compliance with a focus on Information Security
- In-depth knowledge of major security frameworks (e.g., NIST CSF, ISO 27001, SOC 2).
- Experience conducting risk assessments, audits, and control testing.
- Strong understanding of regulatory compliance requirements (e.g., GDPR, HIPAA, SOX, PCI DSS).
- Proven ability to write policies, manage documentation, and communicate clearly to both technical and non-technical stakeholders.
- Ability to influence and build relationships with business unit stakeholders, external service providers, and architecture teams.
- The ability to work independently, collaborate, and learn quickly.
- English fluency (speak, write, and read)

Preferred Skills:
- Certified in CISSP, ISACA CRISC, CGEIT, CISA, or similar

Pay Range: $160,000 - $220,000

Compensation for roles at P&G varies depending on a wide array of equal opportunity factors including but not limited to the specific office location, role, degree/credentials, relevant skills, and level of experience. At P&G compensation decisions are dependent on the facts and circumstances of each case. Total rewards at P&G include salary, bonus (if applicable), and benefits. Your recruiter may be able to share more about our total rewards offerings and the specific salary range for the relevant location(s) during the hiring process.

Our company is committed to providing equal opportunities in employment. We value diversity and do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Immigration Sponsorship is not available for this role. For more information regarding who is eligible for hire at P&G along with other work authorization FAQs, please click HERE. P&G participates in E-Verify as required by law. Qualified individuals will not be disadvantaged based on being unemployed.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Job Schedule: Full time
Job Number: R000136880
Job Segmentation: Experienced Professionals
Starting Pay / Salary Range: $160,000.00 - $220,000.00 / year