Information Security GRC Specialist – Compliance and Technical Lead

Posted on 5/1/2024

Western Digital

Western Digital

10,001+ employees

Provides high-performance data storage solutions

Data & Analytics

Senior, Expert

Irvine, CA, USA

Required Skills
  • Bachelor's degree in Information Security, Computer Science, or equivalent work experience.
  • 8+ years of experience in information security, including risk management, risk assessments, reporting, and metrics analysis, and hands-on with at least one of the following: security engineering, network security, identity and access management, security operations, and/or software development security.
  • 3+ years of experience in technical roles, or similar technical proficiency required.
  • Proficiency in risk assessment methodologies, tools, and techniques.
  • Experience in conducting risk assessments, vulnerability assessments, and compliance audits.
  • Strong understanding of information security frameworks, standards, and best practices (e.g., ISO 27001, NIST, GDPR).
  • Experience in generating and interpreting information security metrics and reports.
  • Excellent analytical and problem-solving skills with attention to detail.
  • Strong communication and interpersonal skills, with the ability to explain complex security concepts to non-technical stakeholders.
  • Ability to work independently and collaboratively in a fast-paced environment.
  • Experience in building and maturing information security risk management practices.
  • Relevant certifications such as CISSP, CISM, CRISC, GSNA or similar are highly desirable.
  • Technical certifications such as GCIH, GPEN, CEH, OSCP or similar are highly desirable.
  • Lead technology and security compliance programs that meet industry standards, regulatory requirements, and organizational objectives.
  • Lead technical assessment activities to identify, evaluate, and prioritize information security risks across the organization, including threats, vulnerabilities, and potential impacts to information and technology assets.
  • Develop and drive implementation of effective risk management strategies to mitigate identified risks, ensuring alignment with industry best practices and regulatory requirements.
  • Develop comprehensive metrics and dashboards to communicate the status of information security risks to stakeholders and leadership.
  • Analyze security data to identify trends, vulnerabilities, and areas for improvement.
  • Collaborate with internal and external auditors to facilitate security audits and assessments.
  • Collaborate across the organization to ensure the integration of risk management practices into organizational processes and projects.
  • Stay current with industry trends, emerging threats, and best practices for information security and risk management.
  • Provide expert technical guidance and support in developing and maintaining information security policies, standards, and procedures.
  • Implement enterprise-wide risk management frameworks that align with industry standards (e.g. ISO27001, NIST, etc).

Western Digital specializes in high-performance data storage solutions, offering SSDs, HDDs, USB drives, and memory cards designed to power current technology and drive future innovations.

Company Stage


Total Funding



San Jose, California



Growth & Insights

6 month growth


1 year growth


2 year growth



Paid sick leave & vacation time

Medical/dental/vision insurance

Life, accident, & disability insurance

Tax-advantaged flexible spending and health savings accounts

Employee assistance program

Tuition reimbursement

Employee stock purchase plan

Western Digital Savings 401(k) Plan