Vice President, Cyber Governance, Risk & Compliance
About The Position
We are seeking a seasoned Vice President of Cyber Governance, Risk & Compliance to lead the strategy, execution, and continuous maturation of our cybersecurity governance, risk, and compliance program. Reporting to the Chief Information Security Officer, this leader will oversee the frameworks, processes, and teams responsible for cyber risk governance, regulatory readiness, policy management, control assurance, and third-party cyber risk oversight. This executive will serve as a key strategic partner to the CISO and senior leadership team, translating complex cyber and technology risks into actionable business insights while ensuring the organization maintains a strong control environment appropriate for a highly regulated financial services institution. The ideal candidate brings extensive experience building and scaling cyber GRC programs within complex, regulated environments and has demonstrated success leading teams through program transformation and maturity uplift.
Requirements
- Bachelor’s degree required; advanced degree preferred.
- 15+ years of experience in cybersecurity, technology risk, audit, compliance, or governance roles.
- 7+ years of people leadership experience with increasing organizational scope.
- Proven experience building, transforming, or materially uplifting cyber GRC programs in financial services or similarly regulated industries.
- Deep knowledge of cybersecurity governance, financial services regulatory expectations, security/control frameworks, audit/regulatory exams, and third-party cyber risk programs.
- Possesses at least one of the following professional credentials (or other industry-related credential): CISSP, CRISC, CISM or CISA
Nice To Haves
- Assess and baseline current cyber GRC maturity.
- Deliver a prioritized GRC uplift roadmap.
- Improve executive and Board cyber risk transparency.
- Strengthen regulatory and audit readiness.
- Mature policy, exception, and issue management processes.
- Enhance first-line ownership of cyber and technology risk.
Responsibilities
- Lead the cyber GRC function and define strategic roadmap, operating model, and maturity targets.
- Maintain governance structures supporting cyber risk decision-making, escalation, and executive oversight.
- Drive cyber risk appetite, exception management, and risk acceptance processes.
- Oversee cyber and technology risk assessment methodologies and execution.
- Develop and maintain executive and Board-level cyber risk reporting and metrics.
- Lead preparation and coordination for regulatory exams, internal/external audits, and customer assessments related to cybersecurity.
- Oversee control framework management, evidence programs, and issue remediation governance.
- Own lifecycle management of security policies, standards, and governance documentation.
- Oversee cyber due diligence and ongoing risk monitoring for third-party vendors, partners, and strategic providers.
- Build, mentor, and scale a high-performing GRC team.
Benefits
- Short-term incentives
- Multiple health insurance options
- Accident and life insurance
- Access to best-in-class development platforms
- Parental Leave
- Family First Programs
- Medical, Dental, and Life Insurance
- Tuition Repayment Assistance Program
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Executive
