Governance Risk Compliance Senior Manager jobs in United States

B12 Consulting · 3 days ago

Governance Risk Compliance Senior Manager

B12 Consulting is seeking a Governance Risk Compliance Senior Manager to provide executive oversight of Governance, Risk & Compliance programs. The role involves managing compliance with data security standards, developing risk assessment strategies, and leading third-party risk management initiatives.

Information Technology
Growth Opportunities
Hiring Manager: Judy Short

Responsibilities

Provide executive oversight of Governance, Risk & Compliance programs including policy governance, enterprise risk management, compliance frameworks, and change initiatives
Direct and support the activities of the Manager of Governance, Manager of Risk & Compliance, and Manager of Change Management to ensure program integration, continuity, and effectiveness
Ensure compliance with data security and assurance standards including PCI DSS, SOC 1, and SOC 2 by developing and maintaining relevant policies, controls, and audits
Develop and maintain a comprehensive risk assessment and mitigation strategy for the company's Tolling Operations
Oversee the third-party risk management (TPRM) program, conducting vendor due diligence, security assessments, and contract reviews to ensure appropriate risk controls are in place
Collaborate with internal departments and external partners to improve operational governance and risk posture
Lead strategic planning and reporting related to GRC objectives and performance metrics
Support training, communication, and awareness programs to cultivate a risk-informed organizational culture
Participate in audit and incident response processes to ensure transparency and appropriate mitigation

Qualification

PCI DSS compliance, SOC 1 compliance, SOC 2 compliance, Risk management, Change management, Data protection policies, Vendor risk management, Leadership skills, Analytical skills, Strategic planning, Cross-functional relationships, Public sector knowledge, Certifications, Communication skills, Mentoring experience

Required

Expert knowledge of compliance and assurance frameworks including PCI DSS, SOC 1, and SOC 2 reporting requirements
Extensive knowledge of risk management, compliance regulations, governance models, and change management frameworks
Strong understanding of IT controls, data protection policies, and third-party risk
Proven leadership and people management skills in cross-functional environments
Excellent analytical, communication, and strategic planning skills with the ability to translate complex security and compliance issues into business-relevant language
Deep understanding of public sector regulatory environments and operations
Ability to build cross-functional relationships and lead multi-departmental initiatives
Bachelor's degree in Information Security, Risk Management, Business Administration, or related field
5–7 years of progressive experience in GRC, compliance, audit, or risk management roles
Minimum 2–3 years of direct experience managing PCI DSS and SOC 1 / SOC 2 compliance efforts
Proven experience developing and managing vendor risk and third-party assessment programs
Leadership or mentoring experience in a GRC or risk-focused role

Preferred

Master's degree
Certified Information Systems Auditor (CISA)
Certified in Risk and Information Systems Control (CRISC)
Certified Information Security Manager (CISM)
Certified Information Systems Security Professional (CISSP)
Certified in Governance of Enterprise IT (CGEIT)
PCI Professional (PCIP) or similar PCI-related certification

Company

B12 Consulting

B12 Consulting™ uses an Agile approach for projects in emerging technologies and provides enterprise consulting on technology projects.

Funding

Current Stage
Growth Stage

Leadership Team

Judy Short
Chief Talent Officer
Mike Short
Senior Advisor & Strategic Partnerships
Company data provided by crunchbase