Job Description

We are Lennar 

Lennar is one of the nation's leading homebuilders, dedicated to making an impact and creating an extraordinary experience for their Homeowners, Communities, and Associates by building quality homes and providing exceptional customer service, giving back to the communities in which we work and live in, and fostering a culture of opportunity and growth for our Associates throughout their career. Lennar has been recognized as a Fortune 500® company and consistently ranked among the top homebuilders in the United States.

A Career that Empowers You to Build Your Future

The role of Senior Manager for Governance, Risk, and Compliance (GRC) at Lennar involves strategically developing, implementing, and maintaining a comprehensive GRC program that meets regulatory and industry standards. This position is vital for leading the development and collaboration of a robust cybersecurity program, ensuring compliance, and enhancing risk management practices to effectively identify, assess, and mitigate risks. It also includes mentoring

Your Responsibilities on the Team 

• Strategically develop, implement, and maintain a comprehensive Cyber GRC framework that aligns with relevant global regulatory requirements and industry standard frameworks.

• Own and maintain centralized IT policy and process governance and oversight on the exceptions management process.

• Define and implement risk management processes and tools to monitor and manage risks effectively.

• Oversee risk assessment and management activities across the organization to identify, assess, and prioritize risks, and develop strategies to mitigate them.

• Be principal participant and work closely with the Director of Security to create the comprehensive cybersecurity program that integrates risk management activities and lessons learned from past organizational events to enhance overall security posture

• Drive and mature the vendor and third-party cyber risk management process.

• Drive and ensuring collaboration between relevant stakeholders from different business areas, IT and cybersecurity to implement effective risk management and compliance into the corporate strategy.

• Collaborate with legal and different stakeholders to interpret the security requirements resulting from different regulations

• Engage with internal audit and external auditors to support IT audits and cybersecurity assessments.

• Lead internal evaluations of IT and cybersecurity controls, presenting findings and recommendations.

• Prepare and present detailed risk and compliance reports to senior management, offering insights and strategic recommendations.

• Develop and maintain a comprehensive security awareness program for employees.

• Lead and mentor a team of GRC professionals, fostering a culture of accountability and continuous improvement.

Your Toolbox 

Education and previous experience

Candidates will be evaluated primarily upon their ability to demonstrate the competencies required to be successful in the role, as described above. For reference, the typical work experience and educational background of candidates in this role are as follows:

• BS or MA in computer science, information security, cybersecurity or a related field

•  [10+] years of experience in an IT audit, enterprise risk management (ERM) role or cyber risk management role

• [10+] years of experience with regulatory compliance, risk management frameworks and information security management frameworks (e.g. ISO 27000, NIST CSF, NIST Risk Management Framework, ISO 27005, etc.)

Business and Technical Experience

• Extensive relevant industry experience in Information Technology, Cyber Security, IT Audit, Technology Risk, or GRC.

• In-depth knowledge of standard cyber controls frameworks, including CIS Top18, NIST Cyber Security Framework, NIST 800.53, NIST 800.171 and CMMC.

• Experience managing a third-party cyber risk management process and reviewing reports such as SOC 1 and SOC 2.

• Big 4 IT Audit background or experience in Fortune 100 companies is a plus.

• Experience with people management.

• Proven experience in navigating complex organizations and effective relationship management.

Knowledge and skills

• One or more certifications such as CISA, CISM, CISSP, CRISC, CIA, or CGEIT are desired.

• Ability to translate complex technical topics into easy-to-understand concepts fostering understanding and collaboration between technical and business stakeholder.

• Strong verbal and written communication skills, with the ability to communicate with peers and executive leadership.

• Strong leadership and time management skills.

• knowledge of methodologies and best practices in conducting risk assessments, implementing risk mitigation strategies, and monitoring risk management effectiveness.

• Ability to plan, manage, evaluate, and supervise programs and personnel.

• Ability to effectively lead teams in multiple projects

Physical & Office/Site Presence Requirements

This is primarily a sedentary office position which requires the incumbent to have the ability to operate computer equipment, speak, hear, bend, stoop, reach, lift, and move and carry up to 25 lbs. Finger dexterity is necessary. 

This description outlines the basic responsibilities and requirements for the position noted. This is not a comprehensive listing of all job duties of the Associates. Duties, responsibilities and activities may change at any time with or without notice. 

Life at Lennar

At Lennar, we are committed to fostering a supportive and enriching environment for our Associates, offering a comprehensive array of benefits designed to enhance their well-being and professional growth. Our Associates have access to robust health insurance plans, including Medical, Dental, and Vision coverage, ensuring their health needs are well taken care of. Our 401(k) Retirement Plan, complete with a $1 for $1 Company Match up to 5%, helps secure their financial future, while Paid Parental Leave and an Associate Assistance Plan provide essential support during life's critical moments. To further support our Associates, we provide an Education Assistance Program and up to $30,000 in Adoption Assistance, underscoring our commitment to their diverse needs and aspirations. From the moment of hire, they can enjoy up to three weeks of vacation annually, alongside generous Holiday, Sick Leave, and Personal Day policies. Additionally, we offer a New Hire Referral Bonus Program, significant Home Purchase Discounts, and unique opportunities such as the Everyone’s Included Day. At Lennar, we believe in investing in our Associates, empowering them to thrive both personally and professionally. Lennar Associates will have access to these benefits as outlined by Lennar’s policies and applicable plan terms. Visit Lennartotalrewards.com to view our suite of benefits.

Join the fun and follow us on social media to see what's happening at our company, and don't forget to connect with us on Lennar: Overview | LinkedInhttps://www.linkedin.com/company/lennar/> for the latest job opportunities.

Lennar is an equal opportunity employer and complies with all applicable federal, state, and local fair employment practices laws.