SVP, Cyber Governance, Risk and Compliance

About The Position

Requirements

• Minimum of 15 years of progressive experience in cybersecurity, with at least 7-10 years in a senior leadership role focused on GRC.
• Intimate knowledge of SoX, SoC2, ISO27K, NYDFS regulation and relevant international equivalents are required.
• Proven experience in a complex, global organization, preferably within a highly regulated industry (e.g., financial services, healthcare, technology).
• Demonstrated track record of successfully building and leading enterprise-wide GRC programs.
• Prior Board exposure in public companies.
• Bachelor's degree in Information Systems, Computer Science, or a related field is preferred.
• Adherence to Company policies, sound judgment and trustworthiness, working safely, communicating respectfully, and safeguarding business operations, confidential and proprietary information, and the Company’s reputation are also essential expectations of this position.

Nice To Haves

• ISACA, CISA, CISSP, CISM, or CRISC certifications are a plus.

Responsibilities

• Develop and execute a comprehensive, long-term GRC strategy aligned with business objectives and regulatory requirements.
• Present regularly to the Board and executive team on cyber risk posture and program effectiveness.
• Oversee the design, implementation, and operation of the cybersecurity governance framework, policies, and standards (e.g., NIST, ISO 27001, CIS).
• Manage and mature the cyber security policy lifecycle, including development, communication, and enforcement.
• Lead the enterprise-wide cyber risk management program, including risk identification, assessment, mitigation, and reporting.
• Lead an international group of senior security and business risk liaisons to disseminate and enforce regional and corporate compliance, offer central security services such as advisory and technology.
• Ensure the company's adherence to all relevant national and international cyber security regulations and compliance standards (e.g. SOX, PCI-DSS, NYDFS, etc.).
• Act as the primary point of contact for external and internal audits related to cyber security, overseeing the remediation of any findings.
• Build, mentor, and lead a high-performing team of GRC professionals.
• Build strong relationships with internal and external partners, including legal, HR, IT, and business leaders, as well as regulators and industry peers.

Benefits

• Day-one eligibility for medical, dental, and vision coverage, plus supplemental plan options.
• Spousal, domestic partner, and other eligible dependent coverage is available on select plans.
• Tax-advantaged HSA and FSA accounts.
• Company-paid basic life and AD&D.
• Optional voluntary life and AD&D for you and your family.
• Short- and long-term disability.
• Legal plan.
• Pet insurance.
• Travel accident coverage.
• Adoption assistance.
• Fertility planning coverage.
• Caregiver support.
• Dependent Care FSA for possibility of an employer match.
• Complimentary Care@Work membership.
• Up to 12 weeks of paid parental leave with eligibility for a thoughtful, gradual return.
• 401(k) with employer match.
• Employee Stock Purchase Plan (ESPP).
• Financial wellness resources.
• Career coaching.
• Optional long-term care insurance.
• Tuition reimbursement.
• Flexible time off for exempt employees or paid time off for nonexempt employees.
• Up to 12 paid holidays per year.
• Commuter benefits.
• Employee discounts.
• Charitable gift matching.
• Paid volunteer time off.
• Corporate volunteer events.
• 24/7 support including professional therapy, coaching, and emotional well-being programs.
• Guided meditation and resources that support physical, mental, social, and financial wellness.