The Senior Cyber Governance, Risk, and Compliance (GRC) Specialist is responsible for developing and implementing a comprehensive cybersecurity risk management program for the firm. Reporting to the Director of Cyber GRC, this role involves engineering a data-driven risk and control framework to assess cyber, technology, and operational risks continuously, track issues to resolution, and provide reports to Cybersecurity leadership and stakeholders. The specialist will offer strategic insights to enhance risk management and compliance across global operations and meet client requirements.

This role requires hands-on collaboration with IT and Cybersecurity leadership and technical experts. Key responsibilities include defining and managing the firm’s risk management program, conducting risk assessments, and developing mitigation strategies. The specialist ensures compliance with industry standards (e.g., ISO 27001:2022, CMMC, NIST 800-171), leads the firm’s cyber governance forum, and curates Key Performance and Risk Indicators. They also assess and improve business resilience and continuity plans while upholding strict confidentiality and integrity regarding sensitive information.

Candidates should possess a bachelor’s degree in Computer Science or Engineering, 10+ years of risk management experience, relevant certifications (e.g., CISSP, CISM), and a proven ability to manage complex projects. This remote, exempt position offers a salary range of $129,000 to $188,000 based on experience and location.