GRC Specialist

BCM One is looking for a GRC Specialist to join our growing global compliance team. In this role, you will bridge Information Security Governance, Risk & Compliance (GRC) and IT Service Management (ITSM) disciplines to strengthen our global IT operations and compliance posture. You’ll work hands-on across security, compliance, and service management teams to drive the design, implementation, and ongoing operation of security controls, ensuring alignment with internal standards, industry regulations, and contractual requirements.

Reporting to the Global Manager of Info Sec & GRC, this role will lead efforts across monitoring, assessing, designing, implementing, and maintaining security processes aligned with GRC frameworks, while driving operational excellence, audit readiness, and risk mitigation. You’ll collaborate with cross-functional teams across global geographies to ensure consistent control adoption, service delivery, and compliance across the environment.

Work Location: 

This position may be hybrid or fully remote. Preference will be given to candidates located in or near one of our office locations: Grand Rapids, Michigan; Herndon, Virginia; Alpharetta, Georgia; or Blue Bell, Pennsylvania. Candidates must live in and be authorized to work in the United States; this position is not eligible for relocation or sponsorship.

Hours:

Core hours are typically 8:00 a.m.–5:00 p.m. Eastern Time, with flexibility to support international teams.

Travel:

Travel is unlikely but could include fewer than five trips per year to international offices.

What You Will Do:

• Lead the development, implementation, and maintenance of GRC frameworks (e.g., ISO 27001, SOC 2, GDPR).
  
• Conduct risk assessments, design and validation of security controls, compliance monitoring, and third‑party security evaluations. 
  
• Manage internal and external audits, including audit preparation, evidence collection, reporting, and remediation planning.
• Drive security control implementation by partnering with cross‑functional teams and advising stakeholders on control adoption across the business.
• Maintain documentation of policies, procedures, and controls per global standards.
  
• Collaborate with Privacy/Legal on data protection and facilitate privacy impact assessments.
  
• Facilitate Business Impact Assessments and oversee Business Continuity testing and updates.
  
• Monitor and report on Security GRC metrics to identify risks and improvement opportunities.
  
• Support change management to ensure security and compliance with minimal disruption.
  
• Coordinate between IT, Security, and Compliance teams to align service delivery with regulatory requirements.
  
• Deliver training and awareness programs, including phishing simulations and compliance education.
  
• Recommend and implement process improvements to reduce risk and enhance operational efficiency.

What You Will Need:

• 5+ years of hands-on experience in Security Governance, Risk & Compliance, with direct responsibility for leading the design, implementation, and ongoing operation of security controls
  
• Strong knowledge of GRC frameworks such as ISO 27001, SOC 2, NIST 800-53, CIS Controls, GDPR, with experience applying them to security control implementation
  
• Proven experience managing audit preparation and evidence for internal and external audits
• Ability to identify, assess, and prioritize risks using risk-based thinking and sound judgment
  
• Skilled at monitoring security and compliance performance through KPIs, SLAs, and OLAs
  
• Strong documentation, analytical, and organizational skills, with attention to detail
• Ability to manage multiple priorities and deadlines in a fast-paced, global environment
  
• Strong communication skills, able to explain technical and compliance concepts to non-technical audiences
  
• Experience working cross-functionally with IT, security, compliance, and business teams to drive security control adoption across geographies
  
• Familiarity with ITIL processes (incident, problem, change, request, asset/configuration management)
  
• Proactive mindset with a commitment to integrity, confidentiality, and continuous learning
  
• Preferred: Experience with IT Service Management, systems administration, and regulated industries (telecommunications, finance, healthcare)
  

Who We Are:

BCM One is a leading telecom provider of NextGen Communications and Managed Services that has been in business for 30 years with more than 18,000 business customers and 5,000 channel partners who rely on our products, services, and teams to support their critical underlying network infrastructure. BCM One is the parent company to our family of brands that includes SIP.US, SIPTRUNK, Flowroute, SkySwitch, and Pure IP.

Joining the BCM One team is a chance to be part of a financially strong company with an exciting growth story; over the past 4 years we’ve brought together leading companies in our space who have built products, services, and programs to innovate and disrupt our industry. Now, operating under one roof, we are taking BCM One to the next level and looking for talented individuals to help make that happen.

When you choose to work at BCM One, you get to work with a talented team and build experience with the leading technologies, suppliers, and partners in our industry. We don’t offer cookie-cutter solutions, so the opportunities are endless, and the work is always varied and interesting. We take our mission “to provide a world-class experience with every human interaction” seriously, which means everything you do makes a difference. And we’re committed to building and nurturing a diverse and inclusive workforce and environment that empowers you to do your best work, spread your wings and reach your full potential. At BCM One, we encourage our team to learn something new every day, so you don’t just become part of our growth story, we become part of yours.

Why BCM One:

We are committed to creating an environment that fosters accountability, innovation, and teamwork. Many BCM One employees have been with the company for 10+ years, which we think says a lot about our culture.

We Are a Team

• We pride ourselves on our team-based approach to providing quality solutions for our clients. BCM One encourages a culture of collaboration, exposing employees to different areas of the business and fostering career growth.
• We support employee involvement and provide opportunities to be responsible stewards via our BCM One Gives Back Program and our Emergency Fund to help our team members who are going through difficult times.

Hard Work is Recognized

• We offer an Employee of the Quarter program with a monetary award and Employee of the Year that includes a 7-day vacation package to the Caribbean. In addition, we host various regional team-building gatherings throughout the year.
• We believe in developing our team members and offer many opportunities for training, professional development and career growth.

Your Voice is Heard

• We empower our team members to speak up and look for opportunities in challenges.
• We have an Employee Council and a Diversity Equity and Inclusion Committee made up of volunteers from across the company who share a passion for making BCM One a great place to work and find ways to positively impact our communities.

How we take care of you:

• Competitive industry salaries
  
• Comprehensive medical, dental, and vision insurance
• Company-provided life and disability insurance
• Matching 401 (k) plan
• Employee Emergency Assistance Fund
• Paid holidays and vacation time
  
• FMLA

BCM One is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by applicable law.