Governance, Risk & Compliance Director

About The Position

Requirements

• Requires a degree or equivalent
• Requires 8 years of minimum prior relevant experience
• Strategic Planning
• Cybersecurity
• Governance, Risk and Compliance (GRC)
• Risk Assessment
• Regulatory Compliance
• Project Management
• Cloud Security
• Metrics Management
• Team Management and Team Building
• Risk Management

Responsibilities

• Develops, maintains, and executes the BT GRC strategy and roadmap in alignment with organizational information security and business objectives, including setting strategic direction, policies, and standards
• Develops and maintains policies, processes, procedures, and standards to support GRC and Cybersecurity requirements based on selected industry and regulatory frameworks. Collaborates with business units, legal, and HR to ensure consistent policy application, awareness, and alignment with organizational goals
• Manages the BT risk management program, including identification, assessment, mitigation, and reporting of cyber and technology risks, and maintains the risk register for leadership visibility.
• Ensures GRC strategy covers security and privacy frameworks, adapting to changes in legislation and regulation. Stays current with evolving national, state, and local privacy laws and framework impacting security and data governance
• Translates GRC requirements into actionable guidance for stakeholders, ensuring compliance or identifying compensating controls as needed. Maintains a compliance calendar and ensures timely execution of required activities such as policy reviews, annual training, risk assessments, and gathering compliance artifacts
• Drives remediation plans and risk treatment strategies in collaboration with technology and business leaders, ensuring adherence to internal and external requirements
• Lead and support internal and external audits, including readiness assessments, remediation activities, and serve as the primary contact for third-party auditors and assessors
• Performs other duties as required or assigned, which are reasonably within the scope and responsibility of the job level and family.

Benefits

• Compensation – Our goal is to ensure you have a competitive base salary. That’s why we regularly review the market value of jobs and make adjustments, as needed.
• Performance and Recognition – You are rewarded for achieving success through annual salary planning and incentive programs; Based on the type of position
• Benefits – We offer a wide array of benefits including medical, dental, vision, disability, and life insurance, along with a robust retirement program that includes an employer match and automatic contribution. As a mark of our commitment to employee well-being, we also offer an employee assistance program, employee wellness program and telemedicine, and medical consultation.
• Professional Development – You can join one of our many Employee Resource Groups (ERG) or be a mentor/mentee in our professional mentoring program. HeartU is the Association’s national online university, with more than 100,000 resources designed to meet your needs and busy schedule.
• Work-Life Harmonization – The Association offers Paid Time Off (PTO) at a minimum of 16 days per year for new employees. The number of days will increase based on seniority level. You will also have a total of 12 paid holidays off each year, which includes several days off at the end of the year.
• Tuition Assistance - We support the career development of all employees. This program provides financial assistance to employees who wish to further their education and career in relation to their current duties and responsibilities, or for potential future positions in the organization.