+ 10+ years of progressive experience in governance, risk, compliance, information security, or enterprise risk management, including 5+ years in senior leadership roles
+ Proven success building, scaling, or transforming enterprise GRC programs in complex, regulated environments
+ Strong executive presence with the ability to influence senior leaders and translate risk into business-relevant outcomes
+ Deep expertise across cybersecurity risk, IT risk, enterprise risk, third-party risk, and regulatory compliance frameworks
+ Demonstrated experience partnering closely with a CISO and security leadership to align risk, compliance, and security strategy
+ A track record of advancing compliance from point-in-time audits to continuous readiness and control optimization
+ Experience developing executive-level dashboards, metrics, and reporting for senior leadership, audit committees, or Boards
+ Strong cross-functional leadership skills, with the ability to align Legal, Technology, Finance, HR, and business teams around shared risk ownership
+ Familiarity with leading GRC platforms and automation tools (e.g., ServiceNow GRC, Archer, OneTrust)
+ Excellent written and verbal communication skills, with the judgment to operate effectively in high-impact, ambiguous situations

We've got you covered.
+ Partner closely with the Chief Information Security Officer (CISO) to shape and execute a modern, enterprise-wide GRC strategy aligned to business priorities and risk appetite
+ Lead governance, risk, and compliance programs that enable secure growth while maintaining regulatory rigor across a complex, customer-facing organization
+ Translate cybersecurity, regulatory, and enterprise risk into clear, actionable insights for executive leadership and senior stakeholders
+ Review and guide enterprise risk assessments across cyber, IT, third-party, and operational domains, ensuring risks are understood, prioritized, and actively managed
+ Oversee internal and external audit activities, ensuring strong coordination, timely remediation, and continuous readiness rather than point-in-time compliance
+ Drive executive- and Board-level risk reporting through dashboards, metrics, and storytelling that inform decision-making
+ Partner daily with Legal, Technology, Finance, HR, and business leaders to embed risk management into strategy, transformation initiatives, and vendor relationships
+ Lead and develop a high-performing GRC organization, setting clear priorities, accountability, and operating rhythms
+ Evaluate and optimize GRC tools and platforms, advancing automation and scalable risk and compliance management
+ Stay ahead of emerging regulatory requirements, industry trends, and best practices, advising the CISO on implications and recommended actions

You Own This if You Have.