SecJobs
RoleSuite
Updated 2026-07-03 19:00 UTC·© 2025–2026 RoleSuite

Manager, Cybersecurity Governance Risk & Compliance

Jobgether · US

This position is listed on behalf of a partner company, which manages all applications and next steps. Our partner is looking for a Manager, Cybersecurity Governance Risk & Compliance based in the United States.

This is a senior leadership role focused on strengthening and scaling an enterprise Third-Party Risk Management (TPRM) and cybersecurity governance function within a fast-paced, healthcare technology environment. You will lead a team responsible for vendor risk assessments, contract security reviews, continuous monitoring, and executive risk reporting. The role combines people leadership with hands-on risk oversight, requiring the ability to guide complex cybersecurity decisions while ensuring consistency, quality, and alignment with enterprise risk tolerance. You will partner closely with cross-functional stakeholders across legal, procurement, privacy, compliance, and technology to ensure third-party risks are properly identified and managed. In addition to operational leadership, you will play a key role in shaping governance frameworks, improving processes, and driving automation across the program. This is a high-visibility position where your work directly influences organizational resilience, regulatory readiness, and strategic vendor decision-making.

Accountabilities:

  • Lead and develop a Third-Party Risk Management (TPRM) team, including coaching, performance management, hiring, and capability building.
  • Oversee daily TPRM operations including vendor risk assessments, contract security reviews, continuous monitoring, and remediation tracking.
  • Review and approve high-risk vendor assessments, risk ratings, exception requests, and mitigation plans to ensure alignment with enterprise risk standards.
  • Serve as escalation point for complex cybersecurity and vendor risk decisions, providing structured recommendations to leadership.
  • Ensure consistent application of risk methodologies, governance frameworks, and documentation standards across all assessments.
  • Partner with business, legal, procurement, compliance, privacy, and IT teams to manage third-party risk throughout the vendor lifecycle.
  • Drive development and continuous improvement of cybersecurity policies, standards, and governance processes.
  • Lead audit readiness activities and support regulatory and internal audit requests with complete, defensible documentation.
  • Own executive reporting for the TPRM program, including dashboards, KPIs, KRIs, and portfolio risk insights.
  • Lead strategic initiatives to improve automation, operational efficiency, and maturity of the cybersecurity governance program.
  • Integrate AI governance considerations into third-party risk practices in collaboration with legal, privacy, and compliance teams.

Requirements:

  • Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or related field, or equivalent experience.
  • 8+ years of experience in cybersecurity, governance, risk management, compliance, or third-party risk management.
  • 2–3+ years of people management or team leadership experience.
  • Strong background in enterprise TPRM, cybersecurity governance, or GRC program leadership.
  • Deep understanding of risk assessment methodologies, cybersecurity controls, and vendor risk frameworks.
  • Experience developing policies, governance models, and executive-level reporting (KPIs, KRIs, dashboards).
  • Strong stakeholder management skills with the ability to influence executive and cross-functional decisions.
  • Excellent communication skills, with the ability to translate technical risk into business impact.
  • Experience supporting audits, regulatory requirements, and risk compliance initiatives.
  • Preferred certifications: CISSP, CISM, CRISC, CISA, CCSP, or CCSK.
  • Preferred: experience with AI governance, TPRM platforms, and cybersecurity frameworks such as NIST, ISO 27001, SOC 2, or HITRUST.

Benefits:

  • Competitive salary range: $118,000 – $167,700 (based on experience)
  • 100% remote work with flexibility across the United States
  • Comprehensive medical, dental, and vision insurance
  • Retirement savings plan and financial wellbeing programs
  • Paid time off, holidays, and flexible work arrangements
  • Professional development support, including certifications and tuition reimbursement
  • Employee wellness, mental health, and assistance programs
  • Opportunity to lead and mature a high-impact enterprise cybersecurity program
  • Exposure to AI governance, advanced risk frameworks, and enterprise security strategy
  • Inclusive, people-first culture focused on collaboration, growth, and innovation

Security pay context

Based on 1,662 disclosed Security salaries on RoleSuite, the role pays a median of $142K/year, with most offers between $114K and $179K (10th–90th percentile: $95K–$215K).

This posting lists $118K–$168K, in line with the $142K market median.
