Responsibilities
- Lead and develop a specialized team of GRC professionals, fostering growth and mentorship
- Enhance team expertise in risk assessment and collaboration with technical engineering teams
- Conduct in-depth evaluations of high-impact controls personally
- Create detailed descriptions of complex business and technical processes
- Establish foundational control frameworks for emerging system architectures
- Perform direct assessments of the organization's most critical systems
- Guide the team through key stages of operational development and maturity
- Collaborate across departments to resolve long-standing compliance issues
- Oversee and scale a centralized process for onboarding new compliance requirements
- Engage early with Product, Engineering, and Financial Operations during design phases to integrate security and compliance measures prior to development
- Ensure consistent and efficient compliance pathways for engineering teams
- Lead and supervise thorough internal evaluations of the highest-risk controls
- Focus on critical domains including identity and access management, privileged access, data protection, change management, and AI governance
- Collaborate on the creation of automated reporting dashboards
- Shift evidence collection from manual spreadsheets to real-time data pipelines
- Develop and track key control health indicators (OKIs/PKIs)
- Detect and correct control weaknesses well in advance of audit periods
- Lead proactive assessments to confirm control effectiveness
- Support system owners in resolving compliance gaps collaboratively before audits begin
- Work closely with the Compliance Audit Execution team to deliver fully prepared control packages for external review
- Replace fragmented workflows with seamless, collaborative transitions between teams
- Integrate readiness data and testing outcomes into the wider Security Governance and Risk environment
- Create a cohesive, transparent overview of organizational security posture
Team
Reports directly to the Senior Manager. Leads a sub-team of GRC professionals. Part of the Compliance Onboarding & Readiness team within the broader Security Governance and Risk organization.