Region: Shelton, CT
Ready for a fresh, new career? Look no further because one of the world’s most iconic brands can help you get there.
Why Join Us?
At Subway, “better” is baked into our DNA. We are a brand that believes in continued improvement … in our lives, our businesses, and our planet. From the handshake that started our very first sandwich shop to earning our position as one of the world’s leading restaurant brands, we’ve always embraced change and the path ahead. And today, we're making better living way easier.
Our purpose is about more than the food we serve in our restaurants. It’s centered on fueling healthy businesses and healthier lives. It is one of the most exciting times to join the Subway team and contribute to our transformational journey.
About the Role:
We have an exciting opportunity to support our Information Security team as an Information Risk GRC Program Manager based in Shelton, CT. The Information Risk GRC Program Manager is responsible for day-to-day execution of the organization's Information Risk GRC program. This role involves developing and implementing GRC strategies, overseeing risk assessments, ensuring compliance with regulatory requirements, and providing strategic guidance to senior leadership.
If you feel that this is the role for you, and you are successful with your application, be ready to be Bold, Empowered, Accountable, and ready to have Fun in a fast-paced and agile working environment.
Responsibilities include but are not limited to:
- Establishing, coordinating, and facilitating opportunities for appropriate stakeholders to escalate and debate risk.
- Tracking disposition of risk treatments over time.
- Overseeing risk assessments, identifying and evaluating potential threats, and developing mitigation strategies.
- Ensuring compliance with relevant governance frameworks and standards (e.g., ISO 27001, NIST Cybersecurity Framework).
- Monitoring compliance with regulatory requirements and industry best practices.
- Preparing executive-level reports on the organization's risk posture, compliance status, and recommendations for improvement.
- Building and maintaining relationships with key stakeholders, including senior leadership, IT, legal, and compliance teams.
- Identifying opportunities for process improvement and driving continuous enhancement of the GRC program.
Qualifications:
- 7+ years of relevant experience.
- Strong understanding of risk management, governance, and compliance concepts.
- Experience leading and managing GRC programs.
- Knowledge of governance frameworks and standards (e.g., ISO 27001, NIST Cybersecurity Framework).
- Strong analytical and problem-solving skills.
- Excellent written and verbal communication skills.
- Ability to influence and collaborate with senior leadership.
- Certifications such as Certified Information Systems Security Professional (CISSP), Certified Risk Manager (CRM), or Certified Information Systems Auditor (CISA) can be beneficial.
What do we Offer?
- Insurance Plans (Medical/Life)
- 401K
- Competitive Bonus
- Mobility Allowance
- Tuition Reimbursement
- Company Holidays
- Employee Resource Groups
- Volunteering time
- And many more…
The Company is only considering applicants who are currently authorized to work in the country where the position is based. AA/EOE/M/F/D/V
Actual pay is determined based on a number of job-related factors including skills, education, training, credentials, qualifications, scope and complexity of role responsibilities, geographic location, performance, and working conditions.