Job ID: JOB_ID_2067
Position Summary
Central Business Solutions is looking for a strategic and results-driven Senior Governance, Risk and Compliance (GRC) professional to lead enterprise-wide information security and compliance programs. With over 20 years of experience required, this role is designed for a seasoned expert who can align security and risk management with overarching business objectives in highly regulated sectors. You will be responsible for overseeing audits, delivering executive-level reporting, and fostering a culture of security awareness across the organization. This position requires a deep understanding of global privacy laws and financial regulations.
Core Responsibilities
- Design and implement comprehensive GRC strategies and frameworks.
- Oversee Enterprise, Third Party, and Supply Chain Risk Management programs.
- Lead security program and project management initiatives from inception to completion.
- Develop and maintain ISMS and PIMS policies and procedures.
- Conduct threat management, business continuity planning, and impact analysis.
- Manage compliance with ISO 27001, 27005, and 27701 standards.
- Direct audits for SSAE18 SOC1, SOC2, and SOC3, ensuring adherence to COSO and COBIT frameworks.
- Ensure alignment with NIST 800-53, FedRAMP, CIS, and ADA requirements.
- Navigate complex regulatory landscapes including GDPR, CCPA, HIPAA BAA, and the EU AI Act.
- Oversee PCI-DSS, Visa ACS, FFIEC, GLBA, and SOX (ITGC) compliance.
- Collaborate across functional teams to solve complex security and compliance challenges.
- Manage budgeting, forecasting, and resource allocation for the GRC department.
- Deliver clear, actionable executive reporting and dashboarding to senior leadership.
Required Expertise
- 20+ years of experience in Information Security, Risk Management, and Compliance.
- Expert knowledge of international security standards and privacy regulations.
- Proven track record of leading successful enterprise-wide audits.
- Strong leadership skills with the ability to influence at the executive level.
- Experience in managing crisis and incident response programs.
- Deep understanding of the EU AI Act and its implications for enterprise compliance.
- Ability to build and maintain a strong organizational security culture.
Work Environment and Impact
This role is pivotal in protecting the organization’s reputation and operational integrity. You will work in a high-stakes environment where your decisions directly impact the company’s compliance posture and risk profile. We are looking for a leader who is not only a technical expert but also a mentor who can elevate the skills of the entire security team. Bay Area candidates are preferred, but the ideal candidate must be open to relocation as needed for strategic projects.
Special Requirements
C2C only; Work Authorization: GC; 20+ years experience required; Preference for Bay Area candidates.
Compensation & Location
Salary: $190,000 – $250,000 per year (Estimated)
Location: San Francisco, CA
Recruiter / Company – Contact Information
Recruiter / Employer: Central Business Solutions
Email: resumes@cbsinfosys.com