ACG Resources

Job Ref: 14978

Salary: $42000 – $90000

Strategy, Programs & GRC Associate – Information Security

 Location: Onsite – Manhattan, NY
 Salary Range: $42,000 – $90,000 (commensurate with skills and experience)
 Industry: Financial Services | Risk & Cybersecurity | Strategy & Governance


Launch Your Career at the Intersection of Strategy, Cybersecurity & Compliance

Are you ready to play a pivotal role in shaping the future of cybersecurity governance in one of the world’s most dynamic financial environments? We are seeking a Strategy, Programs & GRC Associate to join our high-performing Information Security team in Manhattan.

This is a unique opportunity to blend strategic thinking with hands-on execution across a wide spectrum of governance, risk, and compliance initiatives. You’ll help manage cybersecurity programs, track key strategic initiatives, and ensure alignment with ever-evolving regulatory requirements.


What You’ll Do

As a key member of the CISO team, you’ll contribute across Governance, Risk, and Compliance (GRC) programs while collaborating with stakeholders across security, risk, IT, and executive leadership:

Strategic Planning & Execution

  • Coordinate InfoSec strategy with the broader NY Branch goals

  • Track KRIs (Key Risk Indicators) and strategic milestones

  • Conduct quarterly strategy reviews and recommend course corrections

Program Ownership

  • Support core CISO programs including:

    • Information Security Program

    • Security Training & Culture (e.g. phishing campaigns, tabletop exercises)

    • Data Privacy and Policy Management

  • Maintain and update security policies and procedures

  • Define and manage CISO roles, responsibilities, and governance structure

Risk & Compliance

  • Contribute to the design and enhancement of a Technology & Information Security Risk (TISR) framework

  • Prepare for internal/external audits, anticipate evidence requests, and ensure audit readiness

  • Monitor and ensure compliance with GLBA, FFIEC, NIST, and other industry regulations

  • Stay current on data privacy laws and cybersecurity regulations

Reporting & Metrics

  • Develop and manage CISO reporting, including:

    • Operational dashboards

    • Executive and Board-level summaries

    • Budget, headcount, and resource planning metrics


What You Bring

  • Bachelor’s degree in Business, Risk, Data, Computer Science, MIS, Engineering, Math, or a related field

  • 3+ years in financial services: risk management, audit, IT/IS operations, or privacy

  • 2+ years working directly on IT/IS risk programs and policy development

  • Familiarity with U.S. banking regulations and frameworks (NIST, GLBA, FFIEC)

  • Knowledge of cybersecurity tools (SIEM, DLP, XDR/EDR, etc.) and IT infrastructure

  • Understanding of Windows Server, Active Directory, UNIX, network architectures, etc.

  • CISSP, CRISC, or other IT/security certifications preferred


Why This Role?

  • Cross-Functional Visibility: Collaborate across security, risk, IT, and executive teams

  • Diverse Scope: Gain exposure to privacy, cybersecurity, operations, and strategic planning

  • Career Acceleration: Ideal for professionals looking to grow into GRC, risk leadership, or CISO-track roles

  • Manhattan-Based Impact: Work on-site in the heart of the global financial industry

  • Compensation & Growth: Competitive salary and long-term professional development support

     

If you’re analytical, detail-oriented, and passionate about cybersecurity and regulatory excellence, this is your opportunity to grow in a role that bridges technology, governance, and strategic execution.
