Lead the enterprise cybersecurity governance framework, including policies, standards, controls, and procedures.
Drive cybersecurity strategy and roadmap initiatives aligned with business goals and risk tolerance.
Provide leadership with visibility into cybersecurity posture, risks, compliance status, and program effectiveness.
Lead governance committees and facilitate cross-functional cybersecurity initiatives.
Risk Management
Conduct enterprise cybersecurity risk assessments and oversee risk treatment activities.
Maintain the cybersecurity risk register and monitor remediation efforts.
Evaluate emerging threats, vulnerabilities, and business impacts.
Perform security reviews for new technologies, projects, and strategic initiatives.
Lead third-party and vendor security risk assessments and due diligence activities.
Compliance & Security Assurance
Manage cybersecurity compliance programs aligned with frameworks and regulations.
Coordinate internal and external audits and oversee remediation of audit findings.
Ensure security controls, documentation, and evidence repositories support ongoing compliance requirements.
Monitor and report compliance performance and remediation progress.
Security Operations Oversight
Partner with Security Operations teams and external providers to strengthen monitoring, threat detection, incident response, and vulnerability management programs.
Review significant cybersecurity incidents, root cause analyses, and corrective action plans.
Participate in incident response exercises, tabletop simulations, and post-incident reviews.
Drive continuous improvement of security controls, detection capabilities, and response processes.
Monitor security metrics, KPIs, KRIs, and operational reporting.
Third-Party Risk & Security Vendor Management
Manage relationships with MDR, MSSP, SOC-as-a-Service, and other cybersecurity service providers.
Review vendor assessments, SOC reports, penetration test results, and compliance documentation.
Ensure third-party providers meet security, compliance, and contractual obligations.
Lead vendor risk remediation and ongoing security performance reviews.
Leadership & Stakeholder Engagement
Lead and mentor cybersecurity governance, risk, and compliance professionals.
Partner with IT, Security, Legal, Privacy, HR, Audit, and business leaders to address cybersecurity risks and compliance requirements.
Present cybersecurity risks, compliance status, audit results, and strategic recommendations to senior leadership and governance committees.
Serve as a trusted advisor on cybersecurity governance, risk management, and regulatory compliance.
Required Qualifications
Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field.
12+ years of experience in cybersecurity, information security, risk management, compliance, audit, or security
Additional Information
FORTNA partners with the world's leading brands to transform omnichannel and parcel distribution operations. Known worldwide for enabling companies to keep pace with digital disruption and growth objectives, we design and deliver solutions, powered by intelligent software, to optimize fast, accurate and cost-effective order fulfillment and last-mile delivery. Our people, innovative approach and proprietary algorithms and tools ensure optimal operations design and material and information flow. We deliver exceptional value every day to our customers with comprehensive services and products including network strategy, distribution center operational design and implementation, material handling automated equipment, robotics and a comprehensive suite of lifecycle services.
At FORTNA, we believe in fostering a workplace that isn't just a job but a movement - a collective effort to redefine success and transform challenges into opportunities. "Join the Movement" encapsulates our commitment to a workplace culture that thrives on collaboration, celebrates diversity, and empowers every individual to contribute to something greater than themselves. Our Team. Our Passion. Our Approach.
Position Summary
We are seeking an experienced Senior Manager, Cybersecurity Governance, Risk & Compliance (GRC) to lead and mature our enterprise cybersecurity governance, risk management, compliance, and security assurance programs. This role is responsible for ensuring cybersecurity risks are effectively identified, managed, and communicated while maintaining compliance with regulatory requirements and industry security frameworks.
The Senior Manager will partner closely with Security Operations, IT, Legal, Privacy, Internal Audit, business leaders, and third-party providers to strengthen the organization's security posture, drive risk-based decision-making, and support business objectives. This position combines strategic leadership with operational oversight across governance, compliance, risk management, incident management, and vendor security programs.