Governance, Risk & Compliance (GRC) Lead (VP-Level)

United States, New York
Job ID: 2104

Job Description

[c. $300-400k Comp Package, Remote Working on Fridays]

Our esteemed client, a global investment leader with a robust commitment to delivering creative capital solutions and generating superior risk-adjusted returns, is in search of a Vice President - IT Security (Governance, Risk & Compliance). This role is pivotal in steering the firm’s comprehensive GRC program, ensuring alignment with the highest standards of regulatory compliance and security framework integration.

Key Responsibilities:

  • Lead the enhancement of the firmwide GRC program, ensuring robust security governance and compliance with regulatory standards
  • Drive cross-functional collaboration across IT, Compliance, Legal, and HR to align internal protocols with security frameworks
  • Conduct rigorous risk assessments, oversee Business Continuity/Disaster Recovery policies, and manage 3rd party/vendor risk programs
  • Inform leadership of risk analysis outcomes, proposing tailored solutions and advising on security governance measures
  • Ensure compliance with frameworks such as NIST CSF, ISO, GDPR, SOX, SOC1/SOC2, and manage security certifications
  • Establish and maintain information security risk metrics, oversee policy and procedure maintenance, and lead audit efforts for internal security controls
  • Respond to inquiries from regulators and auditors, develop cybersecurity risk and compliance tracking tooling, and manage the employee security training program

Key Requirements:

  • An undergraduate degree in a relevant field
  • 7+ years of experience in Information Security and 5+ years in risk, compliance, or regulatory management/reporting
  • Proficiency in SOC, SOX audits, and 3rd party/vendor risk management, coupled with strong policy documentation skills
  • In-depth knowledge of Cyber Security regulations, best practices, and frameworks like ISO27002, FFIEC/FSSCC, NIST
  • Exceptional communication skills and a deep understanding of risk management principles, security functions, and compliance automation
