Data Dimensions

Director of Governance, Risk & Compliance

full-time

Location Type: Remote

Location: Wisconsin, United States

About the role

  • Reporting to the Chief Information Security Officer, this position is responsible for developing, implementing, and managing the organization’s governance, risk, and compliance programs.
  • Ensure adherence to regulatory and industry standards, including SOC 2 and HITRUST.
  • Oversee the enterprise cyber risk management framework.
  • Lead and maintain SOC 2 and HITRUST certification programs, including readiness assessments, gap analysis, remediation planning, and audit coordination.
  • Develop and maintain policies, procedures, and controls to meet compliance requirements.
  • Serve as the primary liaison with external auditors and certification bodies.
  • Design and implement a comprehensive cyber risk management program aligned with industry best practices and regulatory requirements.
  • Conduct risk assessments, identify vulnerabilities, and recommend mitigation strategies.
  • Maintain risk registers and provide regular reporting to executive leadership.
  • Establish and enforce governance frameworks for information security and compliance.
  • Ensure alignment of GRC activities with organizational objectives and regulatory obligations.
  • Monitor emerging regulations and standards, advising leadership on potential impacts.
  • Consult with the Chief Information Security Officer in support of senior management to ensure that security activities are taking place on an appropriate and ongoing basis.
  • Collaborate with IT, Security, Legal, and Business teams to ensure compliance and risk management objectives are met.
  • Provide training and awareness programs to promote compliance and risk-conscious behavior across the organization.

Requirements

  • Bachelor’s degree in Information Security, Risk Management, or a related field, or equivalent experience.
  • 8+ years in information security, compliance, or risk management roles.
  • Proven experience managing SOC 2 and HITRUST programs.
  • Strong understanding of cybersecurity frameworks (NIST, ISO 27001, etc.).
  • Excellent knowledge of regulatory requirements and audit processes.
  • Strong analytical, organizational, and communication skills.
  • Ability to work independently and influence cross-functional teams.
  • Superior project management – must effectively develop and manage project plans.
  • Expert time management skills.
  • One or more of: CISSP, CISA, CISM, CRISC certifications preferred.

Benefits

  • None specified