Cybersecurity Designer executing and proposing process improvements at Bancolombia. Collaborating on cybersecurity functions to enhance client protection and information security.
LE
Hybrid Director of Information Security Governance, Risk, and Compliance, GRC
Posted 2 months ago
About the role
- Director leading global Information Security Governance, Risk & Compliance strategy. At LeoLabs, overseeing cybersecurity initiatives protecting assets in commercial and government missions.
Responsibilities
- Lead and mature the enterprise cybersecurity and GRC strategy — build scalable governance frameworks and ensure alignment with business goals.
- Assess and mitigate organizational risk — conduct risk assessments, close compliance gaps, and drive remediation of vulnerabilities.
- Ensure regulatory and contractual compliance — manage frameworks such as FedRAMP, CMMC, NIST, ISO 27001, GDPR, and others.
- Oversee incident response and resilience — develop and execute response plans, lead cross-functional remediation, and report to executive leadership.
- Partner across the enterprise — build collaboration with Legal, HR, IT, and Operations to embed security and compliance awareness.
- Drive major transformation initiatives — including AI adoption risk frameworks, Post-Quantum Cryptography, and Zero Trust architecture implementation.
Requirements
- 10–12 years of related experience, with 5+ years in supervisory or program/project management roles.
- Expertise in cybersecurity governance, risk management, and compliance frameworks (NIST 800-53/171, CMMC, ISO 27001, Cloud Security Alliance).
- Strong grasp of cloud infrastructure, access controls, and change management.
- Demonstrated experience with agile methodologies and organizational change management.
- Excellent executive communication, analytical, and problem-solving skills.
- Proven ability to manage competing priorities in a fast-paced, global environment.
- Results-oriented with exceptional attention to detail and accountability.
Benefits
- Global workforce: flexible remote/hybrid opportunities
- Work on complex, meaningful missions with real-world impact
- Unlimited paid time off for most roles
- Competitive salary and equity packages
- Comprehensive health, dental, and vision coverage
- Access to the forefront of commercial space operations and defense innovation
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Microsoft Security Specialist role at Syntax focused on delivering Microsoft security workshops and advisory engagements. Collaborating on technology implementation while ensuring customer security success.
Cybersecurity Specialist developing IT resilience and disaster recovery concepts for a global scale in secure IT services. Collaborating across borders in shaping organizational security standards.
Senior Cybersecurity Scrum Master focusing on release management at AT&T, collaborating across teams and managing production change requests with an Agile mindset.
BISO responsible for planning and executing enterprise - wide information security initiatives at Elsevier. Driving cybersecurity awareness and managing technical risk assessments for organizational improvements.
Develop innovative Cloud architectures on Microsoft Azure platforms. Secure cloud infrastructure and applications against various threats while working in a project team.
Analista Pleno de Segurança Patrimonial na Hershey Brasil, responsável por suporte de segurança física e gestão de serviços de segurança. Atuará em conformidade e gestão de crise em São Roque.
Senior Security Architect managing security architecture for Fitch Group. Leading design and implementation of control sets for emerging technologies.
Regional Information Security Officer managing security protocols and compliance for KARL STORZ. Leading local ISOs and enhancing information security measures across subsidiaries.
CISO managing information security and privacy governance at Puzzel, a leading cloud - based contact center provider in Europe. Engaging with stakeholders for compliance and risk management.