Head of Cybersecurity Governance, Risk and Compliance

AccruePartners, Inc. ·www.accruepartners.com

Location Charlotte, North Carolina, United States
Work type Hybrid
Type Full time
Level Director
Source Shazamme
Information Technology Open
Apply direct
THE TEAM YOU WILL BE JOINING
  • A high-impact cybersecurity leadership function within a nationally recognized insurance wholesale brokerage organization.
  • A cyber GRC program that was built from the ground up and is now moving into a more mature, business-as-usual operating model.
  • A hybrid team made up of full-time employees and strategic contract support across regulatory compliance, IT/cyber risk, third-party risk, AI governance, education and awareness, policy/standards, and disaster recovery governance.
  • A highly collaborative environment partnering closely with the CISO, CIO, Legal, Privacy, Compliance, Enterprise Risk, Supplier Risk, Internal Audit, IT, Cybersecurity, and business leaders.
  • Manage and maintain a technology control library to support clear ownership, accountability, and report on the effectiveness of NIST-aligned controls across the organization.
WHAT THEY OFFER YOU
  • Opportunity to step into a true Head of GRC role with broad ownership and enterprise visibility.
  • Ability to lead a function that has already been built, structured, and operationalized — while continuing to mature and scale it.
  • Exposure to a unique cybersecurity regulatory environment, including Committee of Foreign Investment of the United States (CFIUS) -related obligations, NYDFS cybersecurity compliance, and insurance-sector governance requirements.
  • High-trust partnership with senior technology, security, legal, compliance, privacy, and enterprise risk leaders.
WHY THIS ROLE IS IMPORTANT
  • This leader will carry forward the organization’s cybersecurity GRC program after a foundational buildout period.
  • The role owns critical governance across cyber risk, IT risk, regulatory compliance, vendor risk, AI governance, awareness, and disaster recovery governance.
  • The team needs a leader who can manage up to executive stakeholders while giving the team clear direction, prioritization, and support.
  • This person will help ensure cybersecurity, technology, and regulatory risks are identified, documented, escalated, remediated, and communicated effectively across the enterprise.
  • The role is central to translating complex risk and compliance topics into clear, business-ready language for senior leadership.
LOCATION
  • Charlotte, NC – Uptown, Hybrid
WHAT YOU WILL BE WORKING ON
  • Leading the cybersecurity Governance, Risk & Compliance function across regulatory, technology risk, cyber risk, third-party risk, AI governance, awareness, and policy/standards.
  • Managing key regulatory obligations tied to CFIUS, including national security agreement and data security plan commitments.
  • Supporting NYDFS cybersecurity compliance in partnership with internal subject matter experts and broader risk/compliance stakeholders.
  • Overseeing IT and cyber risk registers, risk assessments, remediation tracking, findings management, and governance reporting through Optro / formerly AuditBoard.
  • Leading third-party cyber risk management, including vendor due diligence, supplier risk partnership, SOC/SIG review, and cyber-related audit response.
  • Governing AI risk management framework, including policy, standards, council activity, risk review, and governance maturity.
  • Overseeing cybersecurity education, awareness, communications, phishing simulations, testing, metrics, and reporting.
  • Providing governance oversight for disaster recovery, including plan readiness, testing expectations, and accountability tracking.
  • Partnering across Legal, Privacy, Compliance, Enterprise Risk, Internal Audit, IT, Cybersecurity, Supplier Risk, and business leadership to drive practical risk management.
THE BACKGROUND THAT FITS
  • Senior cybersecurity GRC, technology risk, cyber risk, information security governance, or regulatory compliance leadership experience.
  • Background in insurance, financial services, banking, brokerage, or another highly regulated enterprise environment.
  • Prior experience working directly with a CISO, CIO, or senior information security executive.
  • Strong understanding of cyber governance, IT/cyber risk registers, regulatory compliance, control environments, audit readiness, and remediation tracking.
  • NYDFS cybersecurity experience is strongly preferred.
  • CFIUS experience is highly valuable.
  • Experience with third-party cyber risk, vendor due diligence, supplier risk partnership, and customer/carrier audit response.
  • Ability to lead emerging technology governance, particularly AI governance, policy, standards, risk review, and control development.
  • Experience with GRC platforms such as AuditBoard/Optro, Archer, ServiceNow IRM/GRC, MetricStream, LogicGate, OneTrust, or similar tools.
  • Strong executive communication skills with the ability to simplify complex cyber, technology, regulatory, and operational risk topics.
  • Certifications such as CISM, CISSP, CRISC, CISA, GSLC, or similar are preferred.

Frequently asked questions

Who is hiring for the Head of Cybersecurity Governance, Risk and Compliance role?
AccruePartners, Inc. is hiring for the Head of Cybersecurity Governance, Risk and Compliance position, a Shazamme client. Apply directly on the employer's career site.
Where is the Head of Cybersecurity Governance, Risk and Compliance job located?
The Head of Cybersecurity Governance, Risk and Compliance role with AccruePartners, Inc. is based in Charlotte, NC, US. The role is hybrid-friendly.
Is the Head of Cybersecurity Governance, Risk and Compliance role remote?
Yes — the Head of Cybersecurity Governance, Risk and Compliance position at AccruePartners, Inc. is hybrid. Candidates based in US are preferred.
Is the Head of Cybersecurity Governance, Risk and Compliance role full-time or contract?
This is a full time position at AccruePartners, Inc..
What experience level is the Head of Cybersecurity Governance, Risk and Compliance role?
The Head of Cybersecurity Governance, Risk and Compliance position is aimed at director-level candidates.
How do I apply for the Head of Cybersecurity Governance, Risk and Compliance role at AccruePartners, Inc.?
Apply directly on AccruePartners, Inc.'s career page via the Apply button on this listing. ZammeJobs links straight through to the employer's ATS — no third-party form, no resume database.
Apply direct