Director of GRC Compliance

A company is looking for a Director of Governance, Risk, and Compliance (GRC).

Key Responsibilities

Develop, implement, and maintain the enterprise GRC framework and security governance policies

Lead enterprise-wide risk assessments and manage compliance with relevant frameworks

Build and lead a high-performing GRC team while collaborating with engineering and DevSecOps teams

Qualifications

~15 years of experience in Information Security and IT, with at least 10 years in risk and compliance leadership

Deep understanding of GRC frameworks and regulatory standards (NIST, FedRAMP, ISO, SOC, CMMC)

Experience in regulated industries such as defense, federal, or financial sectors

Bachelor's degree in Computer Science, Information Security, or related field (Master's preferred)

Relevant certifications strongly preferred (CISSP, CISM, CRISC, CISA, CCISO)