VP Cyber GRC, Vendor Management & Awareness

Mariner · US

$185K–$250K/yr · Full-time · Remote · Posted today

Skills: Compliance, Information Security, Leadership, Risk Management, Strategic Planning, Vendor Management

Benefits

Remote work options

Additional Information

Job Summary

Reporting to the Chief Information Security Officer (CISO), the VP of Cyber GRC (Governance, Risk and Compliance), Vendor Management & Awareness leads the Cyber GRC, Third-Party Vendor Risk Management, and Security Awareness teams, building scalable governance capabilities to support the enterprise and IT governance programs. This leader ensures the organization meets regulatory compliance, advances cyber risk management and AI governance, and maintains policy alignment across all functions. The VP owns the cyber component of GRC, including cybersecurity policies, implementation of controls, and compliance monitoring, while collaborating with enterprise and IT governance to foster consistent, risk-informed decision-making across the company.

Essential Duties and Responsibilities

- Establish and lead the Cyber GRC function, including the development of cybersecurity policies, implementation of control frameworks (NIST CSF 2.0, CIS Controls v8, ISO 27001), compliance monitoring, and audit readiness aligned with SEC, FINRA, and state regulatory requirements (e.g., NYDFS).
- Oversee the third-party vendor risk management program from a cybersecurity perspective, including vendor security assessments, contract security requirements, ongoing monitoring of key vendors, and integration with enterprise procurement to ensure security and AI considerations are embedded and keep pace with business needs.
- Build and enhance the enterprise security awareness and training program, incorporating phishing simulations, role-based training, security culture assessments, and executive initiatives to measurably reduce human-related security risks.
- Lead AI governance strategy in cybersecurity, including acceptable use policies, model risk analysis, risk tiering of use cases, and oversight of third-party AI tools to meet emerging regulatory standards and support digital workforce initiatives.
- Develop a cyber risk management capability that produces quantified risk posture reporting, key risk indicator dashboards, and board-level cyber risk intelligence connecting program performance to business strategy and investment priorities.
- Collaborate with Security Architecture & Engineering, Monitoring & Response, Legal, and enterprise IT governance to integrate cyber GRC into strategic planning, mergers & acquisitions, product launches, and change management.
- Represent the cybersecurity organization to regulators, auditors, and third-party assessors; support examination management, regulatory response, and supervisory engagement in partnership with the CISO.

Required Education and Experience

- 15+ years of progressive cybersecurity and risk management experience in leadership roles within large, complex enterprises, particularly in financial services, insurance, technology, or media.
- Proven ability to lead at the executive level and build mature security programs from the ground up.
- Direct experience in financial services required; strong understanding of regulatory environments and examination processes in banking, insurance, or capital markets, including the ability to rapidly develop expertise in wealth management regulatory requirements (SEC, FINRA, NYDFS).
- Demonstrated success building and maturing technology risk management, security assurance, and compliance programs at scale; experience launching new security functions and revitalizing underperforming programs.
- Experience designing and implementing security metrics programs, risk quantification frameworks, and executive-level reporting to link cybersecurity performance with business outcomes; ability to translate technical risks for board and senior leadership.
- Strong strategic advisory skills and cross-functional leadership, with the ability to collaborate with CISOs, CIOs, and business executives to align security strategy with business goals, and to influence across engineering, legal, finance, and operational teams.

Required License/Certification

Relevant certifications preferred: CISSP, CISM, CRISC, CISA, CGEIT, or equivalent.

#LI-DM1 #LI-REMOTE

We welcome your interest in being a part of our firm. We believe in giving associates progressive opportunities, actively nurturing professional growth and giving back to the community. We are dedicated to building a diverse culture where everyone has the support they need to achieve their career goals. We offer an innovative workplace and a culture that fosters camaraderie, teamwork and work-life balance.

By submitting your application, you agree to the collection and use of your personal information as described in our Employee and Applicant Privacy Notice.

EOE M/F/D/V