Jobs · Information Technology · California

Sr. Manager, Compliance, Governance & Assurance

Stellarus · California, United States · 1 wk ago
HybridInformation Technology$149k–$223k/yrFull-time

About the role

The Information Security team is seeking an experienced Senior Manager, Compliance, Governance & Assurance reporting to the Senior Director, Governance, Risk & Compliance (GRC).

Responsibilities

  • Lead and mature the enterprise compliance program, ensuring ongoing alignment with regulatory, contractual, customer, and industry requirements.
  • Own the organization's compliance and certification portfolio, including SOC 2, ISO 27001, HIPAA, HITRUST, and other applicable frameworks, driving audit readiness and successful certification outcomes.
  • Develop and maintain compliance and governance roadmap aligned with organizational priorities, risk management objectives, and business growth.
  • Establish and oversee governance processes, metrics, and reporting that provide leadership visibility into compliance posture, risks, and program effectiveness.
  • Monitor evolving regulatory and industry requirements and translate them into actionable governance, policy, and control improvements.
  • Establish and mature the enterprise policy governance lifecycle, including policy development, review, approval, communication, exception management, and periodic maintenance.
  • Build and operationalize a risk-based internal assurance function to evaluate compliance with policies, standards, regulatory obligations, and control requirements.
  • Define and execute assurance methodologies, testing programs, and monitoring activities to assess control effectiveness and identify opportunities for continuous improvement.
  • Develop a small, stable set of compliance and assurance health indicators that can be reported regularly to leadership.
  • Define reusable compliance and governance capabilities, including policy management processes, assurance testing frameworks, control assessment methodologies, and audit readiness programs.
  • Partner with Internal Audit, Security, Privacy, Legal, Risk Management, and business leaders to coordinate audits, assessments, certifications, and customer due diligence activities.
  • Lead remediation governance, ensuring findings, recommendations, and observations are appropriately prioritized, tracked, and resolved in a timely manner.
  • Serve as a trusted advisor to leadership on compliance, governance, and assurance matters.
  • Leverage automation and Artificial Intelligence capabilities to improve compliance monitoring, evidence management, assurance activities, and operational efficiency.
  • Manage a team with focus on policy and strategy implementation.
  • Foster a culture of continuous learning, psychological safety, and security advocacy across the broader organization.

Qualifications

  • A minimum of 8 years of progressive experience in compliance, governance, risk management, audit, assurance, or related disciplines.
  • Bachelor's degree or higher in Business, Information Systems, Cybersecurity, Risk Management, Accounting, Finance, Public Policy, or a related field.
  • A minimum of 4 years of people leadership experience with direct responsibility for supervising, coaching, and developing team members.
  • Proven experience managing compliance programs and certification frameworks including SOC 2, ISO 27001, HIPAA, HITRUST, and similar industry standards.
  • Demonstrated experience leading audits, assessments, remediation programs, and control maturity initiatives.
  • Experience building or significantly maturing compliance, governance, assurance, or policy management programs.
  • Strong understanding of governance, risk, compliance, internal control, and audit frameworks.
  • Exceptional communication and stakeholder management skills, including experience influencing senior leadership and partnering effectively across Security, Privacy, Legal, Risk Management, Internal Audit, and business functions.
  • Demonstrated ability to influence cross-functional teams and drive organizational change in complex environments.

Leadership Competencies

  • Ability to define and execute a strategic vision for compliance, governance, and assurance maturity.
  • Skilled at leading through influence across security, legal, privacy, audit, technology, and business teams.
  • Applies metrics, risk-based decision-making, and evidence-based reasoning to prioritize investments and remediation activities.
  • Thrives in fast-paced and evolving environments while maintaining operational rigor and accountability.
  • Passionate about building scalable programs, improving organizational effectiveness, and developing future leaders.
  • Translates complex compliance and governance concepts into clear business language and builds trust with technical and non-technical stakeholders alike.

Similar jobs