(Remote) Manager, GRC, Product Security
Washington, Seattle/Redmond Virtual Address
It’s Time to Join Stryker!
Who We Want
Talent Developers. Growth-oriented managers who recruit and hire top-performing talent and prioritize the development of their team members.
Managers who drive performance. People who implement process improvements and leverage the talent of their team to consistently increase performance and productivity.
Collaborative partners. People who build and leverage cross-functional relationships to bring together ideas, information, and use cases to develop best practices and remove roadblocks for teams.
As a Manager in Governance, Risk, and Compliance (GRC) within our Product Security team, you'll play a pivotal role in ensuring the development, manufacturing, and maintenance of our medical devices meet the highest security and compliance standards. This position requires a thorough understanding of the regulatory landscape, including pre-market and post-market requirements, and the ability to develop and implement effective security controls and policies.
What You Will Do
- Lead and Mentor: You will guide a dedicated team of Compliance Specialists and Process Owners, fostering a deep understanding of compliance requirements across various business units. Your mentorship will help shape the team's strategic direction and enhance their professional growth, ensuring alignment with organizational goals and continuous improvement in our compliance processes.
- Reporting: You will develop reporting metrics, dashboards, and evidence of GRC activities and compliance, and assist in testing against the standards.
- Collaborative Guidance: You will ensure the integration of GRC practices into every stage of the product lifecycle, from concept through post-market surveillance, aligning with business goals and regulatory compliance.
- Regulatory Expertise: You will navigate complex regulatory environments, both domestically and internationally, ensuring adherence to standards such as EU MDR, ISO 27001, NIST 800-53, and IEC 81001-5-1. Your role includes leading the preparation and management of regulatory filings and audits.
- Policy and Process Development: You will craft and enforce security policies, processes and procedures that uphold secure software development and security operations within the context of medical devices.
- Stakeholder Collaboration: Building strong relationships with internal teams, external partners, and regulatory bodies will be key. You will serve as a subject matter expert in GRC, advocating for security best practices.
- Impact Through Influence: You will advocate for and implement GRC best practices across diverse teams, influencing product development and company culture towards heightened security and compliance.
- Adaptive Expertise: Staying abreast of changing regulatory landscapes and seamlessly integrating these requirements into our operations will be a key measure of your effectiveness.
- Proactive Strategy: You will use your insight to anticipate potential compliance challenges and devise effective strategies to address them. Your forward-thinking approach and problem-solving skills will contribute significantly to our organizational resilience.
What You Need
- Bachelor’s degree in Computer Science, Information Technology or other related discipline required.
- 10+ years of experience required.
- 2+ years of leadership experience required.
What We Would Love That You Have (Preferred Qualifications)
(You do not need to have all of these)
- MBA and/or MS preferred.
- 3+ years in life sciences or medical device manufacturing.
- Experience in GRC roles, preferably within the medical device or related healthcare sectors, with a proven track record in managing product security within a global regulatory framework.
- Deep understanding of regulatory requirements, cyber security controls, GRC frameworks, and risk management, with familiarity in secure software development and product lifecycle management within the medical device context.
- Experience in consultancy or advisory roles is beneficial, showcasing your ability to analyze, strategize, and effectively communicate complex security and compliance issues.
- Strong capabilities in building relationships, communicating effectively, and collaborating across functions are essential. Your ability to lead by influence, drive process improvements, and cultivate a culture of security and compliance is crucial.
- Experience with GRC tools and platforms such as OneTrust, along with data tools like Smartsheet for organizing and delivering high-quality dashboards and trackers, is highly valued.
- Relevant cyber security certifications
- $126,500 - $271,100 salary plus bonus eligible + benefits. Actual minimum and maximum may vary based on location. Individual pay is based on skills, experience, and other relevant factors.