Summary of Position: The Director, Governance, Risk & Compliance will be at the forefront of tackling today’s dynamic business environment with more agile ways of working through adoption of sophisticated and emerging technologies to deliver business focused solutions that are innovate, secure, and efficient. The Director will support the transformation and will be responsible for assisting in establishing and maintaining the company’s governance, risk, and compliance program. Principal Duties and Responsibilities:Develop and drive security programs including but not limited to IT governance, compliance, risk management, third/fourth party risk management, security awareness, and privacy management. Enhance and maintain the Governance frameworks, policies, standards and procedures, and response plans. Drive consistency in the way risks are identified, controls are implemented and monitored, and share best practices and learnings across the company.Analyze current risks and identify/monitor emerging risks which can affect the company and work with leaders and IT managers to ensure existing and emerging risks are understood and appropriate mitigations are implemented. Facilitate risk and governance program activities, such as risk assessments, risk exceptions, risk ratings, business risk consultations, risk mitigation and remediation recommendations, and capability maturity assessments. Advise on and maintain oversight of the company’s remediation efforts for risk exposures, gaps, and deficiencies, and complete remediation validation to assess effectiveness of improved controls.Work with company leadership to assist and advise in the development, communication, and execution of Key Risk and Performance Metrics (KRI/KPI) and related tolerances, and establish monitoring reports and develop analysis and reporting to identify and communicate risk insights. Facilitate company compliance of identified controls (ITGCs, Application, Cloud, Cybersecurity, etc.). Identify and resolve technical, operational, risk management, and organizational challenges. Facilitate cross-functional teams to improve capability maturity across the company, to include service level, availability, change, capacity, asset and incident and problem management, and report on progress. Develop and cultivate close working relationships and coordinate with executive and senior partners in other technology departments related to the program. Partner with risk management (first line), internal and external audit, and corporate risk and governance teams (SOX, Regulatory, Project) to support independent reviews and risk assessments. Provide centralized audit and regulatory support in the facilitation of all audit and regulatory assessment requests and remediation efforts. Provide support in the evaluation of risks and controls, particularly when evaluating the risk and controls of high-risk systems and applications. Facilitate and oversee training address identified weaknesses in team member knowledge of regulations, policies, or procedures. Provide support in documenting technology controls and technological landscape.General Overview of Compensation & Benefits:We reasonably expect the base compensation offered for this position to range from $130,000 to $145,000 annualized, subject to adjustment based on business-related factors such as employee qualifications, geographic pay differentials (e.g., cost of labor/living, etc.), and operational considerations.This position may be eligible for performance-based bonuses as determined in the Company’s sole discretion.This position will be eligible for company benefits in accordance with Company policy. We offer a competitive total rewards package including medical, dental and vision coverage along with a broad range of supplemental benefits including 401k Retirement Plan, prepaid legal assistance, and more. We also offer paid time off for vacation, sickness, holiday, and bereavement. We are pleased to be able to provide 100% company paid life insurance and long-term disability insurance. This information is intended to be a general overview and may be modified by the Company due to business-related factors.Applicants may apply for this position via our careers website.Education and Experience Requirements:Bachelor’s degree in Computer Science, Information Systems Security, or related field required. Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and Certified in Risk and Information Systems Control (CRISC) designations preferred. 5-7 years of experience in a similar role with a proven record of successful development and management of compliance management frameworks at a mid to large-scale enterprise environment. Strong project management skills with inherent ability to drive multiple programs, stakeholders, and teams towards organizational goals. ServiceNow GRC and VRM experience preferred. Experience developing frameworks and processes to drive a risk-based approach to incorporating standard frameworks such as COBIT, ITIL, ISO, and NIST into an enterprise compliance management process.Experience with policy and control development as it relates to meeting compliance requirements from relevant regulations. Ability to influence others at senior levels and establish credibility and working relationships with a wide range of corporate personnel, including technical operations, management, and executives as well as internal audit and external regulators. Capable of establishing and maintaining an effective program structure that emphasizes the coordination of resources across projects, managing deliverables between projects, and the overall costs and risks of the compliance programs. Experience with the development of formal written reports to communicate audit results and recommendations to management and business stakeholders. Excellent verbal and written communication, with the ability to create and present to executive level leaders. Ability to deal effectively with a wide range of vendors, service providers, and regulatory agencies. Ability to facilitate productive meetings and work successfully in a team-oriented environment. Strong ability to handle multiple competing priorities in a fast-paced environment. Hands on experience defining and implementing risk management and control frameworks, policies, standards, procedures, and plans. Ability to interpret and explain complex information to range of stakeholders and build consensus among different stakeholders. Demonstrated leadership skills and ability to work well with others to navigate and effectively handle ambiguity in a dynamic, team-oriented environment. Additional Requirements:Some travel may be required for internal, conference, customer, partner, and vendor meetings. Physical Requirements: This is primarily a sedentary office position which requires the Director, Governance, Risk & Compliance to have the ability to operate computer equipment, speak, hear, bend, stoop, reach, lift, and move and carry up to 25 lbs. Finger dexterity is necessary.#LI-KW