Manager, GRC
Ziply Fiber
USD 114,152-145,664 / year
Posted on Nov 21, 2025
Position Title: Governance, Risk, and Compliance (GRC) Manager
$114,152 to $145,664 annually DOE
Comprehensive health benefits include - medical, dental, vision, 401k, flexible spending account, paid
sick leave and paid time off, parental leave, quarterly performance bonus, training, career growth and
education reimbursement programs.
At Ziply Fiber, our mission is to elevate the connected lives of our communities every day. We are
delivering the fastest home internet in the Northwest, with a focus on areas traditionally underserved by
mainstream internet companies. And as our state-of-the-art fiber network expands in WA, OR, ID and MT,
so does our need for team members who can help us grow and realize our goals.
We may be building internet, but we are reaching real people. We strive to build relationships and provide
customers and communities with refreshingly great experiences.
We emphasize our values in all our interactions:
Genuinely Caring: Our customers and colleagues are people, and quite possibly our neighbors. We put
ourselves in their shoes and give them our full attention.
Empowering You: We empower our customers to choose the products that best meet their needs, and
we support our employees to implement solutions that elevate the experiences of our customers and
coworkers.
Innovation and Improvement: We always look for ways to make the experiences of our customers –
and each other – better.
Earning Your Trust: We earn trust by communicating simply and transparently as real people, not as a
corporation.
Job Summary
To be considered for this role, you must live within commuting distance of Seattle, WA or Dallas, TX.
The Governance, Risk, and Compliance (GRC) Manager will be responsible for overseeing all aspects of
Ziply Fiber’s governance, risk, and compliance framework. They will ensure that all policies and
procedures are aligned with industry regulations and best practices and provide guidance on potential
risks and compliance issues. The GRC Manager serves as the central subject matter expert of Ziply’s
risk, compliance, audit, and policy lifecycle programs and works closely with senior leadership to develop
strategies for mitigating risks and enhancing overall governance practices. This role is critical for
maintaining a proactive compliance posture aligned with regulatory frameworks such as NIST 800-171,
FCC LOA, and PCI-DSS. regulators.
Essential Duties and Responsibilities:
The Essential Duties and Responsibilities listed below are a range of duties performed by the employee
and not intended to reflect all duties performed.
• Lead and manage the GRC team, ensuring clear direction, motivation, and support.
• Recruit, train, and retain skilled professionals in governance, risk, and compliance.
• Set performance objectives, conduct regular evaluations, and provide constructive feedback.
• Leads initiatives that support vendor risk oversight, internal policy enforcement, legal hold
coordination, and audit readiness.
• Drives operationalization of Ziply's compliance commitments and serves as the key liaison to
auditors and regulators.
• Own and lead the full lifecycle of policy development, executive approval, publication, and cross functional
enforcement across business units.
• Drive alignment with critical frameworks (NIST 800-171, PCI-DSS) and maintain compliance with
all applicable state and federal regulations.
• Heads the audit process, leads internal and external audit readiness and response efforts,
overseeing control testing, evidence collection, remediation, and closeout reporting.
• Manage and maintain the enterprise risk register; drive mitigation planning, track issue resolution,
and escalate emerging threats to senior leadership.
• Oversee third-party risk management, including vendor assessments, compliance attestations,
contractual risk reviews, and annual reassessments.
• Serve as GRC lead for M&A activities—conducting due diligence, identifying control gaps in
acquired entities, and ensuring compliance integration post-close.
• Own the business continuity and disaster recovery (BC/DR) governance program; oversee
planning, documentation, testing, and incident response readiness across business units.
• Coordinate legal hold and regulatory inquiry response efforts, ensuring proper documentation
handling and defensibility of enterprise actions.
• Produce and deliver executive-level reports on risk trends, control maturity, audit findings, and
overall compliance posture.
• Lead stakeholder collaboration initiatives to drive policy adherence and embed compliance into
day-to-day operations.
• Establishes company compliance program policies and processes and creates awareness and
training programs tailored to business function and risk profile.
• Reviews company marketing materials to ensure they remain in compliance.
• Lead a team of GRC analysts; oversee their risk assessments, remediation plans, documentation
efforts, and audit support.
• Partner cross-functionally with Legal, Security, IT, and Operations to enforce unified and
consistent governance and compliance practices.
• Own and drive continuous improvement of compliance maturity, business continuity readiness,
and risk visibility across the organization.
• Manage and maintain GRC platforms or compliance tracking systems.
• Performs other duties as required to support the business and evolving organization.
Qualifications:
• Bachelor of Science in Computer Science, Information Technology, Risk Management, Legal
Studies, Business, or a related field required.
• Industry certification required (e.g., CISA, CRISC, CISSP, or equivalent).
• Minimum of five (5) years’ experience in GRC, audit, risk management, or compliance leadership
roles required.
• Strong understanding of risk frameworks (e.g., NIST CSF, NIST 800-171, ISO 27001, SOC 2).
• Direct experience managing regulatory requirements such as PCI-DSS, DFARS, and HIPAA.
• Demonstrated ability to manage cross-functional projects and compliance initiatives.
• Excellent communication and documentation skills, including presenting to executives and
auditors.
• Experience managing and maintaining GRC platforms or compliance tracking systems.
• Familiarity with legal hold, third-party risk, and incident response documentation processes.
• Experience with business continuity and incident response procedures aligned with Federal and
State laws and regulations.
Knowledge, Skills, and Abilities:
• Ability to lead with strategic vision while executing day-to-day operational details.
• Excellent organizational and time management skills with the ability to manage multiple priorities.
• Strong critical thinking, negotiation, and interpersonal skills.
• High integrity and ability to handle confidential or sensitive information appropriately.
Work Authorization
Applicants must be currently authorized to work in the US for any employer. Sponsorship is not available
for this position.
Physical Requirements
The physical demands described here are representative of those that must be met by an employee to
successfully perform the essential functions of this job. Reasonable accommodations may be made to
enable individuals with disabilities to perform the essential functions.
Essential and marginal functions may require maintaining physical condition necessary for bending,
stooping, sitting, walking, or standing for prolonged periods of time; most of time is spent sitting in a
comfortable position with frequent opportunity to move about. The employee must occasionally lift and/or
move up to 25 pounds. Specific vision abilities required by the job include close vision, distance vision,
color vision, peripheral vision, depth perception, and the ability to adjust focus.
Work Environment
Work is performed in an office setting with exposure to computer screens and requires extensive use of a
computer, keyboard, mouse, and multi-line telephone system. The work is primarily a modern office
setting.
At all times, Ziply Fiber must be your primary employer. Unless otherwise prohibited by law, employees
may not hold outside employment nor be self-employed without obtaining approval in writing from Ziply
Fiber. In holding outside employment or self-employment, employees should ensure that participation
does not conflict with responsibilities to Ziply Fiber or its business interests.
Diverse Workforce / EEO
Ziply Fiber is an equal opportunity employer. Ziply Fiber will consider all qualified candidates regardless of
race, color, religion, national origin, gender, age, marital status, sexual orientation, veteran status, and the
presence of a non-job-related handicap or disability or any other legally protected status.
Ziply Fiber requires a pre-employment background check as conditions of employment. Ziply Fiber may
require a pre-employment drug screening.
Ziply Fiber is a drug free workplace.