Vice President, Security, Risk & Compliance

Great Day Improvements: A Family of Brands
Twinsburg, OH
Posted 4h ago
Hybrid

About The Position

Since its founding 13 years ago, Great Day Improvements, LLC has grown rapidly toward its vision of becoming one of the largest home improvement companies in the U.S. Headquartered in Twinsburg, Ohio, Great Day Improvements is a $1.5 billion, vertically integrated, direct-to-consumer provider of premium home improvement products. The company’s family of brands includes Patio Enclosures®, Champion Windows and Home Exteriors®, Universal Windows Direct®, Apex Energy Solutions®, Stanek Windows®, Leafguard®, Englert®, and The Bath Authority. With an expanding workforce of over 4,800 employees across 130 metropolitan markets throughout the U.S., Great Day Improvements continues to rank among the top home improvement companies nationwide and is one of the fastest growing private companies in America. Technology plays a central role in how Great Day grows, competes, and serves customers.

The Vice President of Security, Risk & Compliance is a newly created executive role responsible for establishing a disciplined, enterprise-wide approach to security, risk management, and compliance that protects the business while supporting scalable growth. The Vice President of Security, Risk & Compliance will lead the company’s security, compliance, and risk management functions. This role has end-to-end accountability across security operations, risk, and compliance, ensuring alignment between technical security execution and enterprise governance. A major focus of the role will be putting the right standards, controls, and governance in place to protect the business, reduce risk, and support growth, including establishing a SOX-aligned control environment for the company, with the policies, processes, and accountability needed to strengthen financial and IT controls as the company continues to mature its control environment.

This leader will work across IT, Finance, Marketing, and business unit teams to define control requirements, improve security and compliance practices, and build a more disciplined approach to risk management. The role also provides executive leadership with clear visibility into the company’s security, compliance, and operational risk posture. The right candidate will know how to build the right level of control without creating unnecessary processes or slowing the business down, while enabling the business to scale with confidence.

Location: Twinsburg, OH (Hybrid)

Requirements

  • 12–15+ years in cybersecurity, risk, or compliance, with 5+ years in senior leadership roles (VP/CISO/Head of GRC)
  • Proven ownership of enterprise GRC programs, not just participation
  • Deep experience with:
      - Risk management frameworks and governance models
      - Security operations and incident response
      - Regulatory compliance (SOX, ITGC, privacy laws)
  • Demonstrated experience leading audits, regulatory engagement, and control remediation
  • Track record of translating risk into business impact for executive audiences
  • Experience building and scaling cross-functional teams and programs

Nice To Haves

  • Experience in public or highly regulated environments
  • Background in cloud security and DevSecOps
  • Experience implementing GRC platforms and automation tools
  • Exposure to M&A due diligence and integration (security/compliance)
  • CISSP
  • CISM
  • CISA
  • CRISC
  • CIPP

Responsibilities

  • Own and operate the enterprise Governance, Risk, and Compliance (GRC) program
  • Define and maintain risk appetite, tolerance, and escalation frameworks in partnership with executive leadership
  • Establish and drive a risk-based decision-making model across technology and business domains, including clear recommendations and escalation of risk decisions to executive leadership as appropriate
  • Lead enterprise-wide risk identification, assessment, mitigation, and acceptance processes
  • Provide clear, actionable visibility into enterprise risk for the CTIO and executive leadership
  • Define and execute a modern cybersecurity strategy aligned with business priorities, including security operations and control effectiveness
  • Oversee Security Operations (SOC), ensuring effective monitoring, detection, and response
  • Lead incident response, including executive communication and post-incident accountability
  • Drive maturity across:
      - Threat detection and response
      - Vulnerability management
      - Security architecture and engineering
  • Embed security into infrastructure, applications, and cloud environments
  • Establish and enforce application security practices, including secure development standards and integration with development processes
  • Own compliance with:
      - SOX / ITGC controls
      - PCI
      - U.S. data privacy laws (CCPA/CPRA)
  • Build and operate a continuous compliance program, not audit-driven cycles
  • Lead internal and external audit strategy, execution, and remediation
  • Ensure controls are designed, implemented, and operating effectively across the enterprise
  • Partner with Legal, Finance, and business leaders to align compliance with business growth and regulatory expectations
  • Establish a scalable GRC operating model with clear ownership across business and technology teams
  • Implement governance structures including:
      - Risk committees
      - Control ownership frameworks
      - Policy management processes
  • Drive adoption of GRC platforms and automation for visibility and control tracking
  • Establish accountability for risk and compliance across the organization
  • Own Identity & Access Management (IAM) strategy and governance
  • Enforce least privilege, segregation of duties, and access lifecycle controls
  • Define and enforce data classification, protection, and retention policies
  • Oversee compliance with data privacy and cross-border data regulations
  • Establish and lead a third-party risk management program
  • Define and enforce security and compliance requirements for vendors, including risk assessments and ongoing oversight
  • Integrate vendor risk into enterprise risk reporting and decision-making
  • Own disaster recovery (DR) and business continuity planning (BCP)
  • Align resilience strategies with business impact and risk tolerance
  • Ensure operational readiness for cyber and operational disruptions
  • Build and lead a multi-functional organization across:
      - Security Operations
      - Security Engineering
      - Risk & Compliance
      - IAM
      - Vulnerability Management
      - Red Team / Testing
  • Develop leadership capability and succession planning
  • Drive a company-wide security and risk-aware culture

What This Job Offers

Job Type

Full-time

Career Level

Executive

Education Level

No Education Listed

Number of Employees

501-1,000 employees