Jobs · Manufacturing

VP Cyber GRC, Vendor Management & Awareness

Mariner · United States · 3 wk ago
RemoteRemoteManufacturing$185k–$275k/yrFull-time

Job Summary

Reporting to the Chief Information Security Officer (CISO), the VP of Cyber GRC (Governance, Risk and Compliance), Vendor Management & Awareness leads the Cyber GRC, Third-Party Vendor Risk Management, and Security Awareness teams, building scalable governance capabilities to support the enterprise and IT governance programs. This leader ensures the organization meets regulatory compliance, advances cyber risk management and AI governance, and maintains policy alignment across all functions.

Essential Duties And Responsibilities

  • Establish and lead the Cyber GRC function, including the development of cybersecurity policies, implementation of control frameworks (NIST CSF 2.0, CIS Controls v8, ISO 27001), compliance monitoring, and audit readiness aligned with SEC, FINRA, and state regulatory requirements (e.g., NYDFS).

  • Oversee the third-party vendor risk management program from a cybersecurity perspective, including vendor security assessments, contract security requirements, ongoing monitoring of key vendors, and integration with enterprise procurement to ensure security and AI considerations are embedded and keep pace with business needs.

  • Build and enhance the enterprise security awareness and training program, incorporating phishing simulations, role-based training, security culture assessments, and executive initiatives to measurably reduce human-related security risks.

  • Lead AI governance strategy in cybersecurity, including acceptable use policies, model risk analysis, risk tiering of use cases, and oversight of third-party AI tools to meet emerging regulatory standards and support digital workforce initiatives.

  • Develop a cyber risk management capability that produces quantified risk posture reporting, key risk indicator dashboards, and board-level cyber risk intelligence connecting program performance to business strategy and investment priorities.

  • Collaborate with Security Architecture & Engineering, Monitoring & Response, Legal, and enterprise IT governance to integrate cyber GRC into strategic planning, mergers & acquisitions, product launches, and change management.

  • Represent the cybersecurity organization to regulators, auditors, and third-party assessors; support examination management, regulatory response, and supervisory engagement in partnership with the CISO.

Required Education And Experience

  • 15+ years of progressive cybersecurity and risk management experience in leadership roles within large, complex enterprises—particularly in financial services, insurance, technology, or media. Proven ability to lead at the executive level and build mature security programs from the ground up.

  • Direct experience in financial services required; strong understanding of regulatory environments and examination processes in banking, insurance, or capital markets, including the ability to rapidly develop expertise in wealth management regulatory requirements (SEC, FINRA, NYDFS).

  • Demonstrated success building and maturing technology risk management, security assurance, and compliance programs at scale; experience launching new security functions and revitalizing underperforming programs.

  • Experience designing and implementing security metrics programs, risk quantification frameworks, and executive-level reporting to link cybersecurity performance with business outcomes; ability to translate technical risks for board and senior leadership.

  • Strong strategic advisory skills and cross-functional leadership, with the ability to collaborate with CISOs, CIOs, and business executives to align security strategy with business goals, and to influence across engineering, legal, finance, and operational teams.

Required License/Certification

  • Relevant certifications preferred: CISSP, CISM, CRISC, CISA, CGEIT, or equivalent.

Similar jobs

Cyber GRC Analyst

News CorpAustin, TX· 2 wk ago
Engineeringapply on dowjones.wd1.myworkdayjobs.com

Cybersecurity GRC Manager

Excelitas Technologies Corp.Pittsburgh, PA· 2 wk ago
Information Technologyapply on jobs.excelitas.com