Cybersecurity Governance Lead

About Slate

Slate is a new US Electric Vehicle company transforming the battery electric vehicle space.

Who we are looking for:

As a Cybersecurity Governance Manager, you will lead the development and oversight of enterprise-wide cybersecurity policy, compliance, risk management and data governance programs. This includes implementing governance frameworks, managing regulatory compliance, and driving audit activities. You will collaborate closely with executive leadership, legal, audit, and security teams to foster a strong security and risk-aware culture across the organization.

This role requires 10+ years of experience in cybersecurity governance, risk, and compliance (GRC). The ideal candidate brings knowledge of frameworks such as NIST, ISO 27001, SOX, and experience in third-party risk management. You will play a key role in audit oversight, compliance tracking, and supporting enterprise security strategy.

Applicants must be authorized to work for any employer in the U.S.  We are unable to financially sponsor or take over sponsorship of an employment Visa for this opportunity currently.

What you get to do:

• Develop and lead the organization’s cybersecurity governance and compliance strategy, ensuring alignment with business goals, regulatory requirements, and emerging threats.
• Oversee enterprise-wide compliance efforts, including risk assessments, audit management, and cybersecurity reporting.
• Lead internal and external audits, managing evidence collection, findings, and remediation tracking.
• Manage IT regulatory compliance programs (e.g., NIST CSF, SOX, ISO 27001), ensuring controls are effectively designed, implemented, and maintained.
• Coordinate with cross-functional teams (Audit, Legal, Compliance, Risk, and regulators) to respond to external questionnaires and ensure audit and regulatory readiness.
• Monitor and report key compliance and risk metrics, delivering actionable insights to executive leadership on security posture and control effectiveness.
• Maintain change requests and governance documentation, ensuring cybersecurity policies, standards, and procedures are current and aligned with industry best practices.
• Support third-party risk management, evaluating vendor cybersecurity practices through assessments and contractual requirements.
• Advise on data governance, including retention and lifecycle management, ensuring alignment with internal policies and external regulations.

What you bring to the team:

• 10+ years of experience in cybersecurity governance, risk management, and compliance (GRC)
• Expertise in ISO 27001, NIST CSF, SOX, and other regulatory frameworks.
• Proven experience in developing, implementing, and enforcing cybersecurity policies, standards, and governance frameworks.
• Experience leading enterprise-wide cybersecurity risk assessments, regulatory audits, and compliance initiatives.
• Hands-on experience managing IT audits and remediation tracking.
• Experience with GRC tools and technologies to enhance policy tracking, audit management, and compliance reporting.
• CISM, CISA, CRISC, GPCA, CGRC or other relevant certifications are a plus.

We want to work with people that reflect the communities in which we operate.

Slate is proud to be an Equal Employment Opportunity and Affirmative Action employer.  We do not discriminate based upon race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, veteran status, marital status, parental status, cultural background, organizational level, work styles, tenure and life experiences.  Or for any other reason.

Slate is committed to providing reasonable accommodation for qualified individuals with disabilities in our job application procedures.  If you need assistance or an accommodation due to a disability, you may contact us at recar-talent_acquisition@slate.auto or (813) 468-7257.