
Governance Risk and Compliance (GRC) Specialist

Vigor Industrial
$108,000.00 - $122,000.00 / yr
paid holidays, tuition reimbursement, 401(k)
United States, Oregon, Portland
5555 North Channel Avenue
Jul 18, 2025

Description


Who We Are
Vigor, a Titan Company, is a values-driven, diversified industrial business operating in six locations with approximately 1,800 people in Oregon, Washington and Alaska. Built around a collection of powerful, unique assets and differentiated capabilities, Vigor excels at specialized shipbuilding, ship repair and handling important, complex projects in support of energy generation, our nation's infrastructure and national defense.

With deep respect for people and the planet, Vigor strives to be a positive, regenerative force for good - environmentally, in the lives of our employees and in the community. We have built a positive culture that honors the work we do, the workers who do it, and the world we live in.

POSITION SUMMARY:
The Governance, Risk and Compliance (GRC) Specialist reports to the Chief Technology and Security Officer (CTSO). In this role you will have responsibility for ensuring TITAN operates its Information Technology (IT) systems ethically, legally, and efficiently. This position is responsible for developing, implementing, and maintaining TITAN's IT/Security GRC program, specifically tailored to the unique challenges and regulations of the maritime and ship repair industry. This role has a particular emphasis on cybersecurity compliance, especially concerning Department of Defense (DoD) Controlled Unclassified Information (CUI) and adherence to NIST 800-171 standards. The GRC Specialist will work collaboratively across departments to identify, assess, and mitigate IT/Security risks; ensure compliance with relevant laws, regulations, and internal policies; and promote a culture of ethical conduct and accountability.

Salary: $108,000 - 122,000

ESSENTIAL FUNCTIONS AND RESPONSIBILITIES:
(This list is not intended to detail all aspects of the assigned work but is representative of the job's overall responsibilities)
  • Governance
    • Technical writer and primary drafter and maintainer of IT/Security relevant policies, procedures, plans, and related governance documentation.
    • Track and manage overall governance posture and ensure documentation is maintained and current.
    • Manage and oversee the Controls Assessment and Periodic Activities Calendar that identifies all IT/Security actions that must occur throughout the year on a weekly through annual basis. Direct responsible parties, track completion status and advise leadership on deficiencies.
  • IT/Security Risk Management
    • Manage and conduct risk assessments that identify, analyze, and evaluate potential IT/Security risks.
    • Develop and implement risk mitigation strategies and controls in collaboration with relevant departments.
    • Monitor the effectiveness of risk mitigation measures and make recommendations for adjustments as needed.
    • Maintain and update the company's IT/Security Risk Register.
    • Assist in developing and maintaining business continuity and disaster recovery plans.
    • Host, manage and facilitate TITAN weekly Cyber Risk Advisory (CRA) Committees that evaluate IT/Security risks and make informed recommendations on risk mitigation strategies.
  • Compliance:
    • Monitor and interpret relevant laws, regulations, and industry standards applicable to the ship repair industry, including but not limited to:
      • Government Contracting Regulations: FAR (Federal Acquisition Regulation), DFARS (Defense Federal Acquisition Regulation Supplement), and other relevant government contracting requirements (if applicable). Specifically, DFARS 252.204-7012 (Safeguarding Covered Defense Information and Cyber Incident Reporting) and its associated requirements.
      • Data Privacy Regulations such as CCPA, and other state or industry specific data privacy regulations.
      • Cybersecurity Standards: NIST SP 800-171 (Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations) - Advanced understanding and practical implementation experience are essential. This includes understanding and implementing security requirements across all 14 control families. Knowledge of other relevant cybersecurity frameworks (e.g., NIST Cybersecurity Framework (CSF), ISO 27001) may be considered a plus.
    • Make recommendations on IT/Security controls that obtain and/or retain compliance to standards.
    • Operate as the IT/Security lead for interfacing with internal audits and external compliance assessments and reviews. This includes regular assessments of compliance with NIST 800-171 requirements, including self-assessments and preparation for potential CMMC (Cybersecurity Maturity Model Certification) audits (if applicable).
    • Own the update and maintenance of the System Security Plan (SSP) as hosted in the FutureFeed portal.
    • Host, manage and facilitate the monthly IT/Security Council which briefs senior leaders and executives on IT/Security Metrics.


EDUCATION, CERTIFICATES, LICENSES AND REGISTRATION:
  • Bachelor's degree from an accredited institution in Computer Science, Information Technology or a related discipline is a plus, but not required.
  • At least three (3) years of experience in components of GRC required.
  • Must have, or obtain within first six (6) months of employment, and retain throughout employment, at least one IAT I / IAM I professional certification from the approved DOD baseline.


KNOWLEDGE SKILLS AND ABILITIES:
  • Ability to multi-task in a fast-paced, diverse environment, while maintaining attention to detail and exhibiting strong leadership.
  • Ability to problem solve, prioritize duties and assignments, and monitor all aspects of an IT/Security GRC program.
  • Ability to produce technical writing that is detail oriented and delivered within expected timelines.
  • Broad knowledge and experience with the various DoD security directives and regulations to include NIST 800-171, and other federal regulations pertaining to Information Security.
  • Experience with briefing and making recommendations to senior executives.


PHYSICAL DEMANDS:
Work is conducted in a dynamic, fast-paced office setting with moderate noise. The individual may be required to work shifts longer than 8 hours, as well as evenings and weekends. There may be local travel and out-of-town travel (including air travel) up to 10% of the time with notice. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

WORK ENVIRONMENT:
Work is primarily in an office environment located within an active shipyard. While in production areas, the individual will be occasionally exposed to all weather conditions, noise, dust and odors. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

CITIZENSHIP: Pursuant to a government contract, this specific position requires US citizenship.
Vigor Industrial LLC and its wholly owned subsidiaries are drug, smoke and vape-free workplaces. Prospective employees must pass a drug and alcohol test and background check as pre-employment screening.

Vigor Values
Vigor expects all employees to enhance the atmosphere in which they work by living the Vigor Values every day.
Truth: We seek the truth, and we speak the truth
Responsibility: We act on what we know is right
Evolution: We seek mastery, and adapt to a changing world
Love: We care about the people we work with, and the world we live in

At Vigor we offer a generous benefits package that includes:

  • Medical
  • RX
  • Dental
  • Vision
  • Life
  • AD&D
  • LTD
  • STD
  • EAP
  • Discretionary bonus
  • Tuition Reimbursement
  • FSA (Medical, Childcare, Transportation)
  • 10 paid holidays
  • PTO
  • 401(k)

Vigor and its wholly owned subsidiaries are committed to inclusion and diversity by providing equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, protected veterans, age, genetics, the presence of a physical or mental condition or disability that can be reasonably accommodated, or any other protected class under relevant laws in the locations we operate. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions and can be requested with Vigor's Human Resources Department.

In addition to federal law requirements, Vigor complies with applicable state and local laws governing nondiscrimination and non-retaliation in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, benefits, promotion, termination, layoff, recall, transfer, leaves of absence, compensati
