Sr. Manager, Information Security

Job description

Job Description Role Summary: The Cybersecurity Compliance Manager is responsible for designing, operating, and continuously improving the company’s cybersecurity compliance program within a large‑scale retail environment. This role leads the day‑to‑day execution of compliance activities using the OneTrust GRC platform, with a strong focus on automation, controls monitoring, and audit‑ready evidence generation. The role ensures enterprise alignment with NIST Cybersecurity Framework (CSF) and regulatory requirements including PCI DSS, HIPAA, and U.S. state privacy regulations (CCPA/CPRA). This role is hybrid and based in our corporate headquarters in Raleigh, NC. Key Responsibilities: Cybersecurity Compliance Program Execution: - Operate and mature the enterprise cybersecurity compliance program aligned to NIST CSF and applicable regulatory frameworks (PCI DSS, HIPAA, CCPA/CPRA). - Translate regulatory and framework requirements into clear, monitored internal controls mapped to business systems and processes. - Serve as a subject matter expert for cybersecurity control compliance across IT, cloud, retail, e‑commerce, and corporate environments. - Lead day‑to‑day use of the OneTrust...