Senior Governance Lead

Hearst•New York, NY

22h•$165,000 - $175,000

About The Position

Hearst Technology’s Governance, Risk & Compliance (GRC) organization is seeking a Senior Governance Lead to drive enterprise IT governance strategy, policy architecture, and IT governance program maturity across Hearst’s diverse portfolio of businesses. This role is responsible for shaping how cybersecurity and technology governance practices are defined, implemented, and adopted across Hearst companies. The ideal candidate is a strategic governance leader who can design scalable governance frameworks, harmonize policies across organizations, and build trusted relationships with technology and security leaders across the enterprise. Because Hearst operates in a federated environment, success in this role requires strong collaboration skills and the ability to influence governance adoption across multiple independent businesses. Hearst is also accelerating the use of AI-driven technologies to drive productivity and customer-focused innovation. Experience or familiarity with AI governance or emerging technology risk is a strong advantage.

Requirements

Bachelor’s degree in Information Technology, Computer Science, Information Systems, Cybersecurity, Business Administration, or a related discipline required. Equivalent experience may be considered in lieu of formal education.
8+ years of experience in IT governance, cybersecurity governance, or GRC
Experience developing governance frameworks, policies, or enterprise standards
Experience working in large enterprise or multi-business organizations
Strong stakeholder management and executive communication skills
Experience with governance frameworks such as NIST, COBIT, or ISO 27001

Nice To Haves

Experience working in federated organizations
Familiarity with AI governance or emerging technology risk
Experience developing executive-level metrics and dashboards
Experience with modern GRC Engineering concepts, including one or more of the following: Governance automation or GRC platform engineering Continuous compliance monitoring Policy-as-code or machine-readable governance frameworks
Certifications such as CISM, CRISC, CISSP, CISA, or CGEIT

Responsibilities

Design and evolve the enterprise IT and cybersecurity governance framework for Hearst Technology.
Establish and mature governance operating models, working groups, and decision forums.
Align governance practices with industry frameworks such as NIST, ISO 27001, and COBIT to support regulatory and assurance requirements, including PCI, HIPAA, SOX, and SOC 2.
Own the enterprise information security policy architecture and lifecycle, including harmonization across Hearst companies and management of reviews, approvals, exceptions, and communications.
Partner with CISOs, CIOs, security leaders, and business stakeholders across Hearst companies to enable adoption of enterprise governance practices.
Facilitate governance discussions and decision-making across enterprise and business leadership forums.
Partner with the cybersecurity data engineering function to define governance KPIs, reporting frameworks, and executive reporting on governance maturity and risk visibility.
Support governance for AI, automation, and emerging technologies by establishing guardrails that enable innovation while managing risk.
Identify opportunities to improve governance scalability through analytics, automation, and AI.

Benefits

Hearst provides a competitive benefits package, including medical, dental, vision, disability, and life insurance, 401(k), paid holidays and paid time off, employee assistance programs, and more.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume