Compliance Manager • Senior

Who you are

You are a seasoned Cybersecurity GRC & Data Privacy Subject Matter Expert with extensive experience leading strategic advisory engagements. You have a proven track record of strengthening clients’ security governance, risk management, compliance posture, and privacy programs. Your ability to communicate effectively with CISOs, CIOs, CFOs, and other executive leaders sets you apart, allowing you to design pragmatic programs that drive measurable outcomes.

With a strong consulting instinct, you excel in managing multiple client workstreams while delivering high-quality results. Your deep expertise in GRC frameworks and regulatory compliance, including GDPR and HIPAA, enables you to support organizations in navigating complex regulatory landscapes. You are adept at building and maturing enterprise risk programs, conducting risk assessments, and developing security policies aligned with industry standards.

Desirable

You bring additional experience with frameworks such as NIST CSF and ISO 27001, which enhances your ability to operationalize cybersecurity governance models. Your familiarity with privacy regulations like CCPA/CPRA and SEC cyber disclosure requirements further strengthens your candidacy. You thrive in collaborative environments and are eager to shape and scale a fast-growing Cybersecurity practice.

What you'll do

In this role, you will lead end-to-end GRC and privacy engagements, overseeing scoping, planning, execution, and executive reporting. You will design and operationalize cybersecurity governance models, including policies, standards, and risk appetite frameworks. Your responsibilities will include building and maturing enterprise risk programs, developing risk assessments, and creating control libraries.

You will also support regulatory readiness and compliance initiatives, ensuring that clients meet requirements for various regulations such as GDPR, HIPAA, and PCI DSS. Your expertise will be crucial in enhancing privacy programs, including data mapping, DPIAs, and consent management processes. You will work closely with clients to drive measurable outcomes and ensure their compliance posture is robust and effective.

What we offer

At CFGI, you will have the opportunity to work on high-impact projects with sophisticated clients and private equity portfolio companies. We foster a collaborative culture that values autonomy and flexibility, providing strong leadership support to help you succeed. Competitive compensation and benefits are part of our commitment to your career growth trajectory, making CFGI an ideal place for professionals looking to make a significant impact in the Cybersecurity field.