Senior Director, Governance and Risk (Cybersecurity)
Job description
TL;DR
Senior Director, Information Security Governance & Risk (Cybersecurity): Operationalize governance and risk vision across Security Policy, Awareness, Business Continuity, Vendor Risk Management, and Risk Register with an emphasis on execution through team leadership, process optimization, and stakeholder collaboration. Focus on automating workflows with AI agents, negotiating security contract language, driving risk remediation accountability, and delivering executive risk reporting.
Location: Remote (USA). Candidates near offices may opt for hybrid (Tuesday/Wednesday in office). All employees required to occasionally travel for business (3-4 times/year). Authorization to work in the United States required.
Salary: $120,000 – $175,000
Company
Self-sustaining nonprofit expanding educational and career opportunities through assessments, services, and mission-driven work.
What you will do
- Manage governance and risk functions (50%): Oversee security policy maintenance, awareness programs, business continuity coordination, technology risk register, and vendor risk assessments.
- Drive process optimization and automation (20%): Identify scaling opportunities using tools like OneTrust and KnowBe4, implement AI agents, monitor KPIs, and foster continuous improvement.
- Lead a team of four (20%): Set vision, priorities, coach for performance, and ensure alignment with organizational goals.
- Negotiate security reviews (10%): Review data security in procurement contracts and RFPs, and develop risk language for state contracts.
- Collaborate with Legal, Procurement, InfoSec, Privacy, and business stakeholders to align on risk decisions and remediation.
Requirements
- Authorization to work in the United States required.
- 8-10+ years leading governance and risk functions; CRISC certification required (CISM, CISSP preferred).
- Bachelor’s degree required (advanced degree preferred).
- Proven expertise in security policy, awareness, business continuity, vendor risk management, and issue management.
- Strong leadership, communication, and execution skills for technical/non-technical audiences and fast-paced environments.
- Comfort with AI, automation, and emerging technologies; ability to travel 3-4 times/year.
Nice to have
- Experience with continuous monitoring for vendor risks.
- Advanced degrees or additional security certifications.
Culture & Benefits
- Supportive team environment with focus on impact, excellence, collaboration, and growth mindset.
- Comprehensive compensation package adjusted by location, experience, and market data.
- Transparent hiring conversations on pay, benefits, and company culture.
- Mission-driven work grounded in operating principles and manager expectations.
- Opportunities for learning, feedback, and adopting new digital tools.
Hiring process
- Resume/application review, recruiter screen, hiring manager interview, performance exercise, panel interview, leadership conversation, and reference checks.
- Applications reviewed immediately until position filled (minimum 5 business days).