AVP Cyber Governance

About The Position

Requirements

• Proven leadership experience within cybersecurity governance, risk, or assurance functions.
• Strong understanding of NIST CSF, NIST 800-53, vendor security controls, and application security principles.
• Ability to evaluate risk, drive remediation, and influence senior stakeholders.
• Experience leading workflow automation or low-code development teams.
• Exceptional communication skills with the ability to simplify complexity for executives and business partners.
• Process-oriented builder who brings structure, discipline, and continuous improvement to programs and teams.
• High School Diploma or equivalent required
• 6+ years of experience in large and complex business environments with a successful track record working directly with senior-level management required
• 5-7 years of experience in one or more of the following domains: Cybersecurity, Information Security, Network Engineering or Operations, Information, Technology, Application Development, Access Control, Security Governance, Risk Management, Software Development Security, Cryptography, Security Architecture and Design, Operational Security, Business Continuity & Disaster Recovery, Legal Regulations, Investigations and Compliance, Physical (Environmental) Security, IT or Security Audit, IT or Security Compliance required

Nice To Haves

• Bachelor’s Degree or equivalent experience preferred
• Information Security Certifications preferred

Responsibilities

• Lead and develop the Vendor Risk, Application Risk, Findings Management, and Cyber Process Automation teams.
• Oversee third-party cybersecurity risk assessments, risk scoring, evidence reviews, and remediation workflows.
• Manage application risk assessments and ensure accurate control evaluation and response.
• Direct the full lifecycle of cybersecurity findings, including documentation, tracking, aging, remediation, validation, and reporting.
• Guide the Cyber Process Automation team in building scalable workflows, dashboards, and data integrations to improve efficiency and program maturity.
• Maintain and enhance cybersecurity procedures aligned with NIST CSF and NIST 800-53.
• Deliver clear, executive-ready reporting on risk posture, findings, and program performance.
• Serve as a trusted advisor who can translate cybersecurity risk into actionable, business-aligned recommendations.

Benefits

• Generous benefits package available on day one to include: 401K matching, bonding leave for new parents (12 weeks, 100% paid), tuition assistance, training, GM employee auto discount, community service pay and nine company holidays.
• Competitive salary and bonus eligibility; this role is eligible for company vehicle program.
• Flexible hybrid work environment, 4-days a week in office.