Security Governance and Controls Sr. Mgr.
About The Position
CSAA Insurance Group (CSAA IG), a AAA insurer, is one of the leading personal lines property and casualty insurance groups in the United States. Here, every employee shapes our mission. We build innovative, human-centered solutions that help AAA members prevent, prepare for, and recover from life's uncertainties. You will join a collaborative, inclusive culture where your strengths have room to grow and your ideas can drive real impact. Step into a role where you can contribute to our shared success through meaningful work. We are actively hiring for a Security Governance and Controls Sr. Manager - Remote. You will lead the strategy and execution of security governance and compliance programs that protect systems and data while supporting business goals. This role helps shape the company’s security strategy, strengthens compliance, and ensures risks are understood and managed effectively across the organization.
Requirements
- 10+ years in IT, security, or risk/compliance
- 5+ years people leadership
- Bachelor’s degree in Computer Science, Engineering, Business, or related field
- Knowledge of security control frameworks (e.g., NIST, ISO, CIS), regulatory requirements, and audit practices
- Familiar with GRC platforms (Archer) and industry best practices for risk and compliance management.
- Experience in large, matrixed organizations
- Demonstrated ability to adjust focus to meet changing priorities, alteration in strategic directions and shifting customer needs
- Ability to lead executive-level internal and external relationships, including auditors and regulators
Nice To Haves
- Creates a collaborative, inclusive and psychologically safe environment, demonstrating authenticity and fostering trust to inspire and empower team members and colleagues
- Actively shapes our company culture through words and actions (e.g., supporting employee resource groups, mentoring employees, volunteering, joining cross-functional projects, encouraging team member involvement in these activities)
- Champions our cultural norms (e.g., willing to have cameras when it matters: interviewing candidates, building relationships with team members, etc.)
- Translates our enterprise strategy and priorities for their team members to connect to the bigger picture
- Demonstrates a company enterprise mentality, thinking beyond boundaries of their own area
- Travels as needed for role, including enterprise meetings, divisional / team meetings, and other in-person meetings
- Fulfills business needs, which may include investing extra time, helping other teams, etc.
Responsibilities
- Set direction for governance, control frameworks, and compliance programs
- Manage a team (~9) across controls assurance, GRC platform, and audit support
- Partner with Internal Audit, IT, Security, Risk, Legal, and business leaders
- Advise on risk, controls, and regulatory requirements
- Ensure controls are effective, measurable, and audit-ready
- Oversee GRC tools to track risks, issues, and remediation
- Drive continuous improvement aligned to industry standards (NIST, ISO, CIS)
- Lead the governance and compliance programs
- Lead multiple teams delivering controls, standards, and audit support
- Partner with stakeholders, auditors, and vendors
- Assess control effectiveness and overall security posture
- Provide clear recommendations to reduce risk and improve compliance
- Maintain security standards and adapt to regulatory changes
- Use metrics and reporting to drive decisions and performance
- Ensure readiness for audits and regulatory reviews
Benefits
- Total compensation package
- Annual bonus eligibility for most roles
- 401(k) with a company match
- Career Growth opportunities
- Flexible Workplace
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
