Manager, GRC
Company: Ziply Fiber
Location: Everett
Posted on: February 22, 2026
|
|
|
Job Description:
Job Description Job Description This is a remote position.
Position Title: Governance, Risk, and Compliance (GRC) Manager
$125,535 to $172,326 annually DOE Comprehensive health benefits
include - medical, dental, vision, 401k, flexible spending account,
paid sick leave and paid time off, parental leave, quarterly
performance bonus, training, career growth and education
reimbursement programs. At Ziply Fiber, our mission is to elevate
the connected lives of our communities every day. We are delivering
the fastest home internet in the Northwest, with a focus on areas
traditionally underserved by mainstream internet companies. And as
our state-of-the-art fiber network expands in WA, OR, ID and MT, so
does our need for team members who can help us grow and realize our
goals. We may be building the internet, but we are reaching real
people. We strive to build relationships and provide customers and
communities with refreshingly great experiences. We emphasize our
values in all our interactions: Genuinely Caring: Our customers and
colleagues are people, and quite possibly our neighbors. We put
ourselves in their shoes and give them our full attention.
Empowering You: We empower our customers to choose the products
that best meet their needs, and we support our employees to
implement solutions that elevate the experiences of our customers
and coworkers. Innovation and Improvement: We always look for ways
to make the experiences of our customers – and each other – better.
Earning Your Trust: We earn trust by communicating simply and
transparently as real people, not as a corporation. Job Summary The
Governance, Risk, and Compliance (GRC) Manager will be responsible
for overseeing all aspects of Ziply Fiber’s governance, risk, and
compliance framework. They will ensure that all policies and
procedures are aligned with industry regulations and best practices
and provide guidance on potential risks and compliance issues. The
GRC Manager serves as the central subject matter expert of Ziply’s
risk, compliance, audit, and policy lifecycle programs and works
closely with senior leadership to develop strategies for mitigating
risks and enhancing overall governance practices. This role is
critical for maintaining a proactive compliance posture aligned
with regulatory frameworks such as NIST 800-171, FCC LOA, and
PCI-DSS. regulators. Essential Duties and Responsibilities: The
Essential Duties and Responsibilities listed below are a range of
duties performed by the employee and not intended to reflect all
duties performed. • Lead and manage the GRC team, ensuring clear
direction, motivation, and support. • Recruit, train, and retain
skilled professionals in governance, risk, and compliance. • Set
performance objectives, conduct regular evaluations, and provide
constructive feedback. • Leads initiatives that support vendor risk
oversight, internal policy enforcement, legal hold coordination,
and audit readiness. • Drives operationalization of Ziply's
compliance commitments and serves as the key liaison to auditors
and regulators. • Own and lead the full lifecycle of policy
development, executive approval, publication, and cross functional
enforcement across business units. • Drive alignment with critical
frameworks (NIST 800-171, PCI-DSS) and maintain compliance with all
applicable state and federal regulations. • Heads the audit
process, leads internal and external audit readiness and response
efforts, overseeing control testing, evidence collection,
remediation, and closeout reporting. • Manage and maintain the
enterprise risk register; drive mitigation planning, track issue
resolution, and escalate emerging threats to senior leadership. •
Oversee third-party risk management, including vendor assessments,
compliance attestations, contractual risk reviews, and annual
reassessments. • Serve as GRC lead for M&A
activities—conducting due diligence, identifying control gaps in
acquired entities, and ensuring compliance integration post-close.
• Own the business continuity and disaster recovery (BC/DR)
governance program; oversee planning, documentation, testing, and
incident response readiness across business units. • Coordinate
legal hold and regulatory inquiry response efforts, ensuring proper
documentation handling and defensibility of enterprise actions. •
Produce and deliver executive-level reports on risk trends, control
maturity, audit findings, and overall compliance posture. • Lead
stakeholder collaboration initiatives to drive policy adherence and
embed compliance into day-to-day operations. • Establishes company
compliance program policies and processes and creates awareness and
training programs tailored to business function and risk profile. •
Reviews company marketing materials to ensure they remain in
compliance. • Lead a team of GRC analysts; oversee their risk
assessments, remediation plans, documentation efforts, and audit
support. • Partner cross-functionally with Legal, Security, IT, and
Operations to enforce unified and consistent governance and
compliance practices. • Own and drive continuous improvement of
compliance maturity, business continuity readiness, and risk
visibility across the organization. • Manage and maintain GRC
platforms or compliance tracking systems. • Performs other duties
as required to support the business and evolving organization.
Qualifications: • Bachelor of Science in Computer Science,
Information Technology, Risk Management, Legal Studies, Business,
or a related field required. • Industry certification required
(e.g., CISA, CRISC, CISSP, or equivalent). • Minimum of five (5)
years’ experience in GRC, audit, risk management, or compliance
leadership roles required. • Strong understanding of risk
frameworks (e.g., NIST CSF, NIST 800-171, ISO 27001, SOC 2). •
Direct experience managing regulatory requirements such as PCI-DSS,
DFARS, and HIPAA. • Demonstrated ability to manage cross-functional
projects and compliance initiatives. • Excellent communication and
documentation skills, including presenting to executives and
auditors. • Experience managing and maintaining GRC platforms or
compliance tracking systems. • Familiarity with legal hold,
third-party risk, and incident response documentation processes. •
Experience with business continuity and incident response
procedures aligned with Federal and State laws and regulations.
Knowledge, Skills, and Abilities: • Ability to lead with strategic
vision while executing day-to-day operational details. • Excellent
organizational and time management skills with the ability to
manage multiple priorities. • Strong critical thinking,
negotiation, and interpersonal skills. • High integrity and ability
to handle confidential or sensitive information appropriately. Work
Authorization Applicants must be currently authorized to work in
the US for any employer. Sponsorship is not available for this
position. Physical Requirements The physical demands described here
are representative of those that must be met by an employee to
successfully perform the essential functions of this job.
Reasonable accommodations may be made to enable individuals with
disabilities to perform the essential functions. Essential and
marginal functions may require maintaining physical condition
necessary for bending, stooping, sitting, walking, or standing for
prolonged periods of time; most of time is spent sitting in a
comfortable position with frequent opportunity to move about. The
employee must occasionally lift and/or move up to 25 pounds.
Specific vision abilities required by the job include close vision,
distance vision, color vision, peripheral vision, depth perception,
and the ability to adjust focus. Work Environment Work is performed
in an office setting with exposure to computer screens and requires
extensive use of a computer, keyboard, mouse, and multi-line
telephone system. The work is primarily a modern office setting. At
all times, Ziply Fiber must be your primary employer. Unless
otherwise prohibited by law, employees may not hold outside
employment nor be self-employed without obtaining approval in
writing from Ziply Fiber. In holding outside employment or
self-employment, employees should ensure that participation does
not conflict with responsibilities to Ziply Fiber or its business
interests. Diverse Workforce / EEO Ziply Fiber is an equal
opportunity employer. Ziply Fiber will consider all qualified
candidates regardless of race, color, religion, national origin,
gender, age, marital status, sexual orientation, veteran status,
and the presence of a non-job-related handicap or disability or any
other legally protected status. Ziply Fiber requires a
pre-employment background check as conditions of employment. Ziply
Fiber may require a pre-employment drug screening. Ziply Fiber is a
drug free workplace. ZFWA
Keywords: Ziply Fiber, Everett , Manager, GRC, Accounting, Auditing , Everett, Washington
