Location:

Charlotte, North Carolina, 28202, United States

Posted:

07-14-2026

Sector:

Information Technology

Work Type:

Executive Search

Reference:

69207

Contact sales

We’d love to see how we can streamline your hiring together.

Request a demo
Black heart icon on a white background.
Contact sales

We’d love to see how we can streamline your hiring together.

Request a demo
Black heart symbol on a white background.
Contact sales

We’d love to see how we can streamline your hiring together.

Request a demo
Black heart on white background.
Create an alert for this job
Create an alert for this job
THE TEAM YOU WILL BE JOINING
  • A high-impact cybersecurity leadership function within a nationally recognized insurance wholesale brokerage organization.
  • A cyber GRC program that was built from the ground up and is now moving into a more mature, business-as-usual operating model.
  • A hybrid team made up of full-time employees and strategic contract support across regulatory compliance, IT/cyber risk, third-party risk, AI governance, education and awareness, policy/standards, and disaster recovery governance.
  • A highly collaborative environment partnering closely with the CISO, CIO, Legal, Privacy, Compliance, Enterprise Risk, Supplier Risk, Internal Audit, IT, Cybersecurity, and business leaders.
  • Manage and maintain a technology control library to support clear ownership, accountability, and report on the effectiveness of NIST-aligned controls across the organization.
WHAT THEY OFFER YOU
  • Opportunity to step into a true Head of GRC role with broad ownership and enterprise visibility.
  • Ability to lead a function that has already been built, structured, and operationalized — while continuing to mature and scale it.
  • Exposure to a unique cybersecurity regulatory environment, including  Committee of Foreign Investment of the United States (CFIUS)-related obligations, NYDFS cybersecurity compliance, and insurance-sector governance requirements.
  • High-trust partnership with senior technology, security, legal, compliance, privacy, and enterprise risk leaders.
WHY THIS ROLE IS IMPORTANT
  • This leader will carry forward the organization’s cybersecurity GRC program after a foundational buildout period.
  • The role owns critical governance across cyber risk, IT risk, regulatory compliance, vendor risk, AI governance, awareness, and disaster recovery governance.
  • The team needs a leader who can manage up to executive stakeholders while giving the team clear direction, prioritization, and support.
  • This person will help ensure cybersecurity, technology, and regulatory risks are identified, documented, escalated, remediated, and communicated effectively across the enterprise.
  • The role is central to translating complex risk and compliance topics into clear, business-ready language for senior leadership.
LOCATION
  • Charlotte, NC – Uptown, Hybrid
WHAT YOU WILL BE WORKING ON
  • Leading the cybersecurity Governance, Risk & Compliance function across regulatory, technology risk, cyber risk, third-party risk, AI governance, awareness, and policy/standards.
  • Managing key regulatory obligations tied to CFIUS, including national security agreement and data security plan commitments.
  • Supporting NYDFS cybersecurity compliance in partnership with internal subject matter experts and broader risk/compliance stakeholders.
  • Overseeing IT and cyber risk registers, risk assessments, remediation tracking, findings management, and governance reporting through Optro / formerly AuditBoard.
  • Leading third-party cyber risk management, including vendor due diligence, supplier risk partnership, SOC/SIG review, and cyber-related audit response.
  • Governing AI risk management framework, including policy, standards, council activity, risk review, and governance maturity.
  • Overseeing cybersecurity education, awareness, communications, phishing simulations, testing, metrics, and reporting.
  • Providing governance oversight for disaster recovery, including plan readiness, testing expectations, and accountability tracking.
  • Partnering across Legal, Privacy, Compliance, Enterprise Risk, Internal Audit, IT, Cybersecurity, Supplier Risk, and business leadership to drive practical risk management.
THE BACKGROUND THAT FITS
  • Senior cybersecurity GRC, technology risk, cyber risk, information security governance, or regulatory compliance leadership experience.
  • Background in insurance, financial services, banking, brokerage, or another highly regulated enterprise environment.
  • Prior experience working directly with a CISO, CIO, or senior information security executive.
  • Strong understanding of cyber governance, IT/cyber risk registers, regulatory compliance, control environments, audit readiness, and remediation tracking.
  • NYDFS cybersecurity experience is strongly preferred.
  • CFIUS experience is highly valuable.
  • Experience with third-party cyber risk, vendor due diligence, supplier risk partnership, and customer/carrier audit response.
  • Ability to lead emerging technology governance, particularly AI governance, policy, standards, risk review, and control development.
  • Experience with GRC platforms such as AuditBoard/Optro, Archer, ServiceNow IRM/GRC, MetricStream, LogicGate, OneTrust, or similar tools.
  • Strong executive communication skills with the ability to simplify complex cyber, technology, regulatory, and operational risk topics.
  • Certifications such as CISM, CISSP, CRISC, CISA, GSLC, or similar are preferred.

 
SCHEMA MARKUP ( This text will only show on the editor. )

This job is no longer available

Similar Jobs