The IT & Security Governance Manager is responsible for advancing enterprise-wide technology maturity across corporate IT, cloud and product environments, and operational systems.
This role strengthens governance structures, data stewardship practices, security controls, and operational risk management to ensure that systems and data effectively support the organization's mission, strategic partnerships, and sustainable growth.
This position operationalizes compliance frameworks as structured tools to enhance efficiency, accountability, and resilience — leveraging them to improve processes, mitigate risk, and elevate overall technology governance rather than treating compliance as the sole objective.

Requirements

Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or a related field, or a minimum of five (5) years of progressive experience in IT governance, security, or risk management.
Experience operating across multiple security and IT domains, including corporate IT security, cloud security, application security, incident response, and risk/compliance functions.
Strong understanding of identity and access management principles, including SSO, MFA, least privilege, and access review processes.
Working knowledge of common security controls and their implementation in operational environments, including logging, endpoint hardening, network controls, encryption, and backup management.
Experience contributing to IT governance, data governance, or system oversight in addition to security operations.
Ability to translate complex technical risk into clear, actionable plans for both technical and non-technical stakeholders.
Demonstrated ability to work effectively in a lean, mission-driven environment, prioritizing initiatives based on risk, impact, and organizational needs.
Experience leading or supporting audits and security frameworks such as PCI-DSS, SOC 2, ISO 27001, NIST 800-53 Rev. 5, or HIPAA-adjacent controls (preferred).
Hands-on experience with cloud platforms (AWS, Azure, or GCP) and modern CI/CD pipelines (preferred).
Experience with endpoint management (MDM) and security tooling, including EDR, vulnerability scanners, and SIEM/log management platforms (preferred).
Familiarity with secure software development practices and threat modeling methodologies (preferred).
Relevant industry certifications such as Security+, SSCP, CISSP, CISM, CCSP, or equivalent (preferred).
Experience supporting grant-funded initiatives, multi-partner collaborations, or externally funded programs.

Benefits

Professional development opportunities
Flexible work arrangements

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

IT governancesecurity managementrisk managementidentity and access managementsecurity controlscloud securityapplication securityincident responseencryptionbackup management

Soft Skills

communicationorganizational skillsprioritizationcollaborationproblem-solving

Certifications

Security+SSCPCISSPCISMCCSP