Executive Advisor – Governance, Risk and Compliance

Malleum

Executive Advisor responsible for leading strategic GRC engagements across sectors at Malleum, shaping governance and risk compliance in cybersecurity. Serving as trusted counsel to C-suite and board stakeholders.

Posted 4/29/2026full-time🇨🇦 CanadaSeniorLeadWebsite

Tech Stack

Tools & technologies

Cyber Security

About the role

Key responsibilities & impact

Lead executive-level GRC advisory engagements for clients across space, aerospace, defense, government, and critical infrastructure
Stand up and mature Cyber Resilience Programs at large enterprises
Advise C-suite and board stakeholders on cyber risk posture, regulatory exposure, and strategic investment priorities
Lead client journeys to CMMC (Cybersecurity Maturity Model Certification) readiness and certification
Develop, operationalize, and audit programs aligned with NIST CSF 2.0, NIST 800-53/171, ISO 27001/27005, ITSG-33, SOC 2, and sector-specific frameworks
Advise space-sector clients on emerging requirements such as Space ISAC guidance
Define and implement enterprise risk management frameworks, KRIs/KPIs, risk appetite statements, and board reporting cadences
Lead third-party / supply-chain risk programs aligned with defense industrial base (DIB) and allied requirements
Shape Malleum's GRC service offerings, methodologies, accelerators, and intellectual property
Mentor and develop senior managers, managers, and consultants
Drive business development: trusted-advisor relationships, account growth, proposals, and thought leadership across the space, aerospace, and defense ecosystem
Represent Malleum in industry forums, regulator engagements, client briefings, and executive roundtables

Requirements

What you’ll need

15+ years of progressive cybersecurity and GRC experience, including senior leadership roles in consulting, industry, or government
Demonstrated track record standing up and scaling Cyber Resilience Programs for large, complex enterprises
Deep expertise across CMMC (Levels 1–3) and emerging CPCSC requirements
Hands-on experience advising clients in space, aerospace, and defense
Strong command of NIST CSF 2.0, NIST 800-53/171/172, ISO 27001/27005, and relevant privacy regimes
Executive presence — proven ability to advise CISOs, CIOs, CFOs, GCs, audit committees, and boards
Strong commercial acumen — practice building, account growth, proposal leadership, and revenue accountability
Demonstrated leadership in mentoring, coaching, and developing high-performing GRC teams
Certifications such as CISSP, CISM, CRISC, CGEIT, CISA, ISO 27001 Lead Auditor/Implementer, or CMMC Registered Practitioner (RP) strongly preferred
Eligibility for Government of Canada security clearance (Secret or higher); existing clearance highly valued
Bilingualism (English/French) considered a strong asset
Bachelor's degree required; advanced degree (MBA, MS in Cybersecurity) preferred

Benefits

Comp & perks

Highly competitive executive compensation
Performance incentives
Equity-style participation in practice growth
Continuous learning budget
Certification sponsorship
A platform to publish, speak, and shape industry dialogue
A flat, high-trust culture that rewards judgment, ownership, and mission focus

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cybersecurityGRCCyber Resilience ProgramsCMMCNIST CSF 2.0NIST 800-53ISO 27001ISO 27005risk management frameworksthird-party risk management

Soft Skills

executive presencecommercial acumenmentoringcoachingleadershipcommunicationbusiness developmenttrusted-advisor relationshipsaccount growththought leadership

Certifications

CISSPCISMCRISCCGEITCISAISO 27001 Lead AuditorISO 27001 ImplementerCMMC Registered PractitionerGovernment of Canada security clearancebilingualism (English/French)