Compliance Manager • Senior

Who you are

You are a seasoned Cybersecurity GRC & Data Privacy Subject Matter Expert with a strong background in governance, risk management, and compliance. With at least 5 years of experience, you have successfully led strategic advisory engagements that enhance clients' security posture and privacy programs. You possess excellent communication skills, allowing you to effectively engage with CISOs, CIOs, and other executives, ensuring that your advisory services align with their organizational goals.

Your expertise in GRC frameworks such as NIST CSF and ISO 27001 is complemented by a solid understanding of regulatory compliance requirements, including GDPR and CCPA. You have a proven track record of designing and operationalizing cybersecurity governance models, which includes developing policies, standards, and risk management strategies. Your consulting instincts enable you to navigate complex client environments and deliver tailored solutions that drive measurable outcomes.

What you'll do

In this role, you will lead end-to-end GRC and privacy engagements, overseeing the scoping, planning, execution, and reporting phases. You will design and operationalize cybersecurity governance models, ensuring that they are aligned with industry best practices and regulatory requirements. Your responsibilities will include building and maturing enterprise risk programs, conducting risk assessments, and developing control libraries that enhance organizational resilience.

You will also support clients in their regulatory readiness and compliance initiatives, providing guidance on SEC cyber disclosures, NYDFS 500, and HIPAA compliance. Additionally, you will enhance privacy programs by implementing data mapping, conducting Data Protection Impact Assessments (DPIAs), and managing consent processes. Your role will require you to collaborate closely with various stakeholders, including risk leaders and private equity deal teams, to ensure that the solutions you provide are practical and effective.

What we offer

At CFGI, you will have the opportunity to work on high-impact projects with sophisticated clients and private equity portfolio companies. We foster a collaborative culture that values autonomy and flexibility, allowing you to shape and scale our fast-growing Cybersecurity practice. You will receive competitive compensation and benefits, along with a clear career growth trajectory that supports your professional development.