Governance, Risk, and Compliance (GRC) Manager

At Ziply Fiber, our mission is to elevate the connected lives of our communities every day. We are delivering the fastest home internet in the Northwest, with a focus on areas traditionally underserved by mainstream internet companies. And as our state-of-the-art fiber network expands in WA, OR, ID and MT, so does our need for team members who can help us grow and realize our goals. We may be building internet, but we are reaching real people. We strive to build relationships and provide customers and communities with refreshingly great experiences. We emphasize our values in all our interactions: Genuinely Caring: Our customers and colleagues are people, and quite possibly our neighbors. We put ourselves in their shoes and give them our full attention. Empowering You: We empower our customers to choose the products that best meet their needs, and we support our employees to implement solutions that elevate the experiences of our customers and coworkers. Innovation and Improvement: We always look for ways to make the experiences of our customers – and each other – better. Earning Your Trust: We earn trust by communicating simply and transparently as real people, not as a corporation. Job Summary The Governance, Risk, and Compliance (GRC) Manager will be responsible for overseeing all aspects of Ziply Fiber’s governance, risk, and compliance framework. They will ensure that all policies and procedures are aligned with industry regulations and best practices and provide guidance on potential risks and compliance issues. The GRC Manager serves as the central subject matter expert of Ziply’s risk, compliance, audit, and policy lifecycle programs and works closely with senior leadership to develop strategies for mitigating risks and enhancing overall governance practices. This role is critical for maintaining a proactive compliance posture aligned with regulatory frameworks such as NIST 800-171, FCC LOA, and PCI-DSS. regulators. Essential Duties and Responsibilities: The Essential Duties and Responsibilities listed below are a range of duties performed by the employee and not intended to reflect all duties performed.

• Lead and manage the GRC team, ensuring clear direction, motivation, and support.
• Recruit, train, and retain skilled professionals in governance, risk, and compliance.
• Set performance objectives, conduct regular evaluations, and provide constructive feedback.
• Leads initiatives that support vendor risk oversight, internal policy enforcement, legal hold coordination, and audit readiness.
• Drives operationalization of Ziply's compliance commitments and serves as the key liaison to auditors and regulators.
• Own and lead the full lifecycle of policy development, executive approval, publication, and cross-functional enforcement across business units.
• Drive alignment with critical frameworks (NIST 800-171, PCI-DSS) and maintain compliance with all applicable state and federal regulations.
• Heads the audit process, leads internal and external audit readiness and response efforts, overseeing control testing, evidence collection, remediation, and closeout reporting.
• Manage and maintain the enterprise risk register; drive mitigation planning, track issue resolution, and escalate emerging threats to senior leadership.
• Oversee third-party risk management, including vendor assessments, compliance attestations, contractual risk reviews, and annual reassessments.
• Serve as GRC lead for M&A activities—conducting due diligence, identifying control gaps in acquired entities, and ensuring compliance integration post-close.
• Own the business continuity and disaster recovery (BC/DR) governance program; oversee planning, documentation, testing, and incident response readiness across business units.
• Coordinate legal hold and regulatory inquiry response efforts, ensuring proper documentation handling and defensibility of enterprise actions.
• Produce and deliver executive-level reports on risk trends, control maturity, audit findings, and overall compliance posture.
• Lead stakeholder collaboration initiatives to drive policy adherence and embed compliance into day-to-day operations.
• Establishes company compliance program policies and processes and creates awareness and training programs tailored to business function and risk profile.
• Reviews company marketing materials to ensure they remain in compliance.
• Lead a team of GRC analysts; oversee their risk assessments, remediation plans, documentation efforts, and audit support.
• Partner cross-functionally with Legal, Security, IT, and Operations to enforce unified and consistent governance and compliance practices.
• Own and drive continuous improvement of compliance maturity, business continuity readiness, and risk visibility across the organization.
• Manage and maintain GRC platforms or compliance tracking systems.
• Performs other duties as required to support the business and evolving organization. Qualifications:
• Bachelor of Science in Compu

Apply tot his job Apply To this Job