
14978FD Governance Risk & Compliance (GRC) Associate - Strategy & Programs

ACG Resources
Location: New York, NY, USA
Published: 6/14/2022
Technology
Full Time

Job Description

Strategy, Programs & GRC Associate – Information Security

Location: Onsite – Manhattan, NY
Salary Range: $42,000 – $90,000 (commensurate with skills and experience)
Industry: Financial Services | Risk & Cybersecurity | Strategy & Governance

Launch Your Career at the Intersection of Strategy, Cybersecurity & Compliance

Are you ready to play a pivotal role in shaping the future of cybersecurity governance in one of the world’s most dynamic financial environments? We are seeking a Strategy, Programs & GRC Associate to join our high-performing Information Security team in Manhattan.

This is a unique opportunity to blend strategic thinking with hands-on execution across a wide spectrum of governance, risk, and compliance initiatives. You’ll help manage cybersecurity programs, track key strategic initiatives, and ensure alignment with ever-evolving regulatory requirements.

What You'll Do

As a key member of the CISO team, you'll contribute across Governance, Risk, and Compliance (GRC) programs while collaborating with stakeholders across security, risk, IT, and executive leadership:

Strategic Planning & Execution

• Coordinate InfoSec strategy with the broader NY Branch goals

• Track KRIs (Key Risk Indicators) and strategic milestones

• Conduct quarterly strategy reviews and recommend course corrections

Program Ownership

• Support core CISO programs including:

    • Information Security Program

    • Security Training & Culture (e.g. phishing campaigns, tabletop exercises)

    • Data Privacy and Policy Management

• Maintain and update security policies and procedures

• Define and manage CISO roles, responsibilities, and governance structure

Risk & Compliance

• Contribute to the design and enhancement of a Technology & Information Security Risk (TISR) framework

• Prepare for internal/external audits, anticipate evidence requests, and ensure audit readiness

• Monitor and ensure compliance with GLBA, FFIEC, NIST, and other industry regulations

• Stay current on data privacy laws and cybersecurity regulations

Reporting & Metrics

• Develop and manage CISO reporting, including:

    • Operational dashboards

    • Executive and Board-level summaries

    • Budget, headcount, and resource planning metrics

What You Bring

• Bachelor’s degree in Business, Risk, Data, Computer Science, MIS, Engineering, Math, or a related field

• 3+ years in financial services: risk management, audit, IT/IS operations, or privacy

• 2+ years working directly on IT/IS risk programs and policy development

• Familiarity with U.S. banking regulations and frameworks (NIST, GLBA, FFIEC)

• Knowledge of cybersecurity tools (SIEM, DLP, XDR/EDR, etc.) and IT infrastructure

• Understanding of Windows Server, Active Directory, UNIX, network architectures, etc.

• CISSP, CRISC, or other IT/security certifications preferred

Why This Role?

• Cross-Functional Visibility: Collaborate across security, risk, IT, and executive teams

• Diverse Scope: Gain exposure to privacy, cybersecurity, operations, and strategic planning

• Career Acceleration: Ideal for professionals looking to grow into GRC, risk leadership, or CISO-track roles

• Manhattan-Based Impact: Work on-site in the heart of the global financial industry

• Compensation & Growth: Competitive salary and long-term professional development support

If you’re analytical, detail-oriented, and passionate about cybersecurity and regulatory excellence, this is your opportunity to grow in a role that bridges technology, governance, and strategic execution.




Company Description

Great opportunity, visible role
