Director, Global Governance, Compliance and Risk

About The Position

Requirements

• 7+ years of experience in governance, risk management, security compliance, or similar disciplines backed by leading industry certifications such as CISSP, CRISC, CISM, PMI-RMP, CGEIT, ISO 31000 and FAIR.
• Deep understanding of leading security, privacy and compliance frameworks (e.g., SOC 2, ISO 27001, NIST CSF, PCI-DSS, GDPR, CCPA).
• Demonstrated experience managing audits end‑to-end, including preparation, evidence gathering, stakeholder coordination, and remediation tracking.
• Proven ability to build, enhance, and maintain governance processes and cross‑functional compliance programs.
• Excellent documentation, communication, and stakeholder‑management skills, with the ability to influence at all levels.
• Demonstrated leadership in managing and developing teams of GRC professionals, fostering collaboration and high performance.

Nice To Haves

• AuditBoard experience preferred.

Responsibilities

• Own and continuously mature the organization’s governance and policy management framework, ensuring policies are current, aligned with best practices, and effectively adopted.
• Lead the enterprise risk management program, including risk identification, assessment, reporting, and tracking of remediation activities.
• Manage and oversee external and internal audits end‑to-end, including SOC 2, ISO 27001, PCI-DSS, and customer assessments.
• Maintain and advance the company’s information security control framework, ensuring proper design, implementation, and ongoing assurance activities.
• Partner with cross‑functional teams to build, maintain, and monitor compliance programs across the business.
• Develop governance reporting for executive leadership, articulating program maturity, risk posture, and compliance status.
• Drive continuous improvement in GRC processes, automation, and tooling to increase efficiency and effectiveness.
• Oversee and direct the organization's GRC initiatives to achieve and maintain compliance with relevant regulations and certifications, including ENS, Lince, the CRA Cybersecurity Resiliency Act, and the EU AI Act, ensuring that all requirements are fully satisfied and sustained.

Benefits

• A team where you can voice your opinion, make an impact, and where you and your experience are valued.
• Internal mobility – there are opportunities for cross training and the ability to attain your next career step within Barracuda.
• Equity, in the form of non-qualifying options
• High-quality health benefits
• Retirement Plan with employer match
• Career-growth opportunities
• Flexible Time Off and Paid Time Off benefits
• Volunteer opportunities