Senior Director of Governance, Risk, and Compliance (GRC)

United States

Business Wire


Business Wire, a Berkshire Hathaway company, is the global market leader in press release distribution and regulatory disclosure. We are on a mission to redefine how organizations connect with their audiences - and that’s just the beginning!
Organizations, large and small, depend on us to accurately publicize market-moving news and multimedia, and generate social engagements that develop interactions with their target audiences.
About the Role

The Senior Director of Governance, Risk, and Compliance (GRC) is responsible for advancing and managing Business Wire's comprehensive GRC program. This role includes establishing a robust security governance framework, ensuring compliance with internal and external audit requirements, and fostering a security-first culture across the organization. The GRC leader will collaborate with cross-functional teams to integrate risk management practices into all business operations.

What You'll Do

  • Lead a GRC organization to enhance overall security strategy and align with business objectives.
  • Improve and implement a security governance framework, including controls, standards, policies, and guidelines, ensuring consistent application across all technology projects, products, systems, and services.
  • Manage a comprehensive Governance, Risk, and Compliance program in support of corporate audits, client assessments, and regulatory standards such as PCI DSS, SOC 2, and ISO 27001.
  • Conduct regular risk assessments and periodic penetration testing and vulnerability assessments to identify and mitigate potential threats to the organization's infrastructure, applications, and data.
  • Ensure vendors and third-party providers adhere to the same high-security standards as Business Wire.
  • Manage the timely creation and dissemination of security-related communications including security awareness & training announcements, security compliance policies and processes, security alerts, and event messaging.
  • Ensure clear reporting on GRC activities to senior leadership.
  • Use metrics to evaluate and track the effectiveness of governance and compliance measures.
  • Proven ability to build, lead, and mentor high-performing teams, fostering a culture of excellence.
  • Strong collaboration and stakeholder management skills to align GRC objectives across various departments.
  • Strategic decision-making and problem-solving capabilities to navigate complex regulatory landscapes.
  • Exceptional communication skills to translate technical requirements into actionable business solutions.

What You'll Need

  • Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
  • 10+ years of relevant industry experience in information security, with 5+ years supervisory experience.
  • Expertise in building and implementing GRC frameworks and risk management processes.
  • Familiarity with regulatory compliance requirements, including PCI DSS, SOC 2, and ISO 27001.
  • Certified Information Systems Security Professional (CISSP) or equivalent certification is a plus.
  • Strong leadership and team-building skills.
  • Excellent written and verbal communication skills with external and internal stakeholders and executives. Ability to deliver constructive and encouraging feedback.
  • Proactive, organized, analytical, detail-oriented, and persistent.
  • Business Wire will not sponsor a new applicant for employment authorization for this position.

What We Offer

The base salary range for this position is $245K to $260K/year. Offered salary will be determined by several factors, including but not limited to: applicant’s education, experience, knowledge, skills and abilities, as well as internal equity and alignment with geographic market data. Business Wire reserves the right to modify this salary range at any time.

Business Wire’s total rewards include:
  • Ability to work remotely
  • Excellent health benefits that begin on your first day of employment
  • $100 monthly fitness allotment, a tuition reimbursement program, and enhanced mental health resources
  • 401(k) plan with generous company match, and annual profit sharing contribution (subject to company performance)
  • PTO, Floating Holidays, Wellness Day Off, Birthday Day Off, and more! 
A pre-employment background check will be required after the acceptance of an offer. Business Wire is proud to be an equal opportunity workplace. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. Pursuant to the San Francisco Fair Chance Ordinance and other similar state laws and local ordinances, and its internal policy, Business Wire will also consider for employment qualified applicants with arrest and conviction records.

Tags: Audits CISSP Compliance Computer Science Governance ISO 27001 PCI DSS Pentesting Risk assessment Risk management Security strategy SOC SOC 2 Strategy

Perks/benefits: 401(k) matching Equity / stock options Fitness / gym Health care Team events Wellness

Region: North America
Country: United States
