Governance, Risk & Compliance Program Manager

The Governance, Risk & Compliance (GRC) Program Manager would be part of a team that focuses on reducing the overall risk in the EE environment. This person should be able to understand and implement multi-faceted risk frameworks, assisting our business partners with making balanced decisions between risk exposure, growth, and innovation. This person should also be able to devise mechanisms to proactively identify, mitigate, and monitor risks by working with many cross-functional teams within Enterprise Engineering and at Facebook.
Governance, Risk & Compliance Program Manager Responsibilities
  • Continuously identify & assess risks to EE’s critical processes and assets through various technical and non-technical channels (i.e., security vulnerabilities, audits/assessments, and operational incidents)
  • Mature and automate repeatable processes to inventory, prioritize, manage, remediate, and monitor risks within the Enterprise Engineering environment
  • Manage a highly matrixed and fast-moving environment, including developing and socializing operating models to optimize risk and compliance engagement within EE and across FB enterprise
  • Serve as an interpreter and liaison between EE and enterprise SME teams, helping EE efficiently and comprehensively navigate the complexities of risk and compliance
  • Manage the data, technology, and automation platforms that drive key risk and performance reporting and insights
  • Demonstrate a strong understanding of risk management by navigating challenging conversations with leadership teams and driving risk-based decision making and accountability for those decisions
  • Develop quantitative risk and threat models to drive risk reporting and business prioritization
  • Stay abreast of the latest industry trends and events that impact the security or regulatory environment of EE
Minimum Qualifications
  • 7+ years working experience in Information and Physical Security, Internal Audit, Data Privacy, or other Governance, Risk & Compliance Fields
  • Experience moving technical or business driven projects from inception to delivery, and experience articulating the impact using metrics, growth examples, return, etc.
Preferred Qualifications
  • 5+ years experience working within an IT or Technology organization with practical experience in implementing IT risk frameworks, controls, and methodologies
  • Experience in the areas of risks and controls across various IT platforms, web, middleware, cloud services (IaaS, PaaS, SaaS), database, operating systems, infrastructure and social media
  • CISSP, CISA, CISM, CRISC, CIPP, or similar industry certification(s)
  • Deep knowledge of industry standard regulations and risk management frameworks and standards (e.g., ISO, PCI, NIST, COBIT, GAPP, HIPAA, GDPR)
  • Experience with interpreting and implementing data privacy and protection regulatory requirements at scale
  • Experience with managing GRC products and implementations, including developing relevant business, technical, and data requirements
  • Experience creating and utilizing KPIs and KRIs, including dashboarding with data visualization tools
  • Experience in complex, matrixed environments and experience navigating a constantly changing business
  • Strong communication and organizational skills and experience distilling complex risk data into impactful messaging to non-technical leadership teams
  • Experience discerning business relevant risk associated with technology control deficiencies
  • Program and project management experience with process and organizational change implementation
  • Self-starter, experience working independently and as part of a team
  • Strong analytical, research, and problem solving skills with a keen attention to detail
About Meta
Meta builds technologies that help people connect, find communities, and grow businesses. When Facebook launched in 2004, it changed the way people connect. Apps like Messenger, Instagram and WhatsApp further empowered billions around the world. Now, Meta is moving beyond 2D screens toward immersive experiences like augmented and virtual reality to help build the next evolution in social technology. People who choose to build their careers by building with us at Meta help shape a future that will take us beyond what digital connection makes possible today—beyond the constraints of screens, the limits of distance, and even the rules of physics.
Meta is committed to providing reasonable support (called accommodations) in our recruiting processes for candidates with disabilities, long term conditions, mental health conditions or sincerely held religious beliefs, or who are neurodivergent or require pregnancy-related support. If you need support, please reach out to
(Colorado only*) Estimated salary of $162,000/year + bonus + equity + benefits
*Note: Disclosure as required by sb19-085(8-5-20)
Meta is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. You may view our Equal Employment Opportunity notice here. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. We may use your information to maintain the safety and security of Meta, its employees, and others as required or permitted by law. You may view Meta's Pay Transparency Policy, Equal Employment Opportunity is the Law notice, and Notice to Applicants for Employment and Employees by clicking on their corresponding links. Additionally, Meta participates in the E-Verify program in certain locations, as required by law.

Meta is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, you may contact us at