Vice President of Risk Management

Scottsdale, United States

Blue Yonder

Transforming supply chains through an end-to-end platform for planning, execution, commerce and returns.


Role: VP of Risk Management (Security)

Location: Scottsdale, AZ or Dallas, TX highly preferred, but US Remote will be considered

Blue Yonder is a global leader in digital supply chain software solutions. We empower businesses to optimize their supply chains with AI-driven insights and innovative solutions. Join us to shape the future of global cyber security.

Overview:

The Vice President of Enterprise Risk will be responsible for leading the company’s security GRC strategy and operations globally. This executive will work across all levels of the organization to define and drive the governance, risk, and compliance framework, ensuring that risks are proactively identified and managed, compliance requirements are met, and governance practices are aligned with business objectives and regulatory standards. The role requires a hands-on leader with a deep understanding of GRC principles, regulatory requirements, risk management, security and technical controls, and governance.

Scope & What You’ll Do:

  • Leadership & Strategic Vision:
    • Develop and lead the global GRC strategy for Security, ensuring alignment with the company’s business objectives and risk management goals.
    • Provide strategic leadership on all governance, risk, and compliance matters, driving the company’s efforts to manage and mitigate security and technology risks while maintaining compliance with regulations.
    • Act as a trusted advisor to the executive team, the board of directors, and senior management on all aspects of GRC, helping them navigate regulatory changes and emerging threats and risks.

  • Governance Framework:
    • Establish and implement a comprehensive security governance framework and strategy to prioritize security program initiatives and ensure that clear accountability, decision-making processes, and oversight mechanisms are in place across the organization.
    • Ensure the organization’s security governance practices and policies/standards comply with industry standards and regulatory requirements, and continuously enhance them in response to evolving needs and risks.
    • Lead Security governance initiatives that foster transparency, trust, and integrity in business and technology operations.

  • Risk Management:
    • Develop and manage a robust global security and technology risk management program, identifying, assessing, and mitigating key risks across all business units and geographies.
    • Lead the company’s security risk management processes, including risk identification, risk assessments, risk mitigation strategies, and the development of risk appetite and tolerance statements.
    • Oversee the creation and execution of enterprise-wide security risk management strategies, ensuring business continuity plans are robust and effectively managed.

  • Compliance Management:
    • Lead the development, implementation, and ongoing maintenance of a global security and technology compliance program, ensuring the organization meets regulatory requirements in all jurisdictions where it operates (e.g., GDPR, CCPA, SOX, industry-specific regulations).
    • Drive and maintain security compliance certifications and industry frameworks to meet company and stakeholder trust objectives (e.g., SOC 2, ISO 27001/2, NIST, or related industry certifications).
    • Oversee internal and external audits, regulatory inspections, and investigations to ensure adherence to compliance standards and promptly address any findings or issues.

  • Global Standards & Best Practices:
    • Continuously monitor and adapt to changing global regulatory and compliance landscapes, ensuring the organization remains compliant with new and evolving laws and industry standards.
    • Champion the adoption of best practices in security and technology governance, risk management, and compliance, promoting a culture of risk awareness and compliance across the organization.
    • Develop and implement training programs to raise awareness of security standards and best practices within the company.

  • Stakeholder Engagement & Communication:
    • Communicate the company’s security GRC strategy, goals, and performance to key internal and external stakeholders, including the board of directors, senior leadership, regulators, and auditors.
    • Prepare regular reports and updates on risk management and compliance activities for senior leadership and the board.
    • Represent the company in interactions with regulators, external auditors, customers, and other third parties, ensuring effective communication and resolution of any issues or concerns.

  • Team Leadership & Development:
    • Build, lead, and mentor a high-performing global security GRC team, ensuring they have the skills, resources, and support to execute the security strategy effectively.
    • Foster a culture of collaboration, accountability, and continuous improvement.

What We Are Looking for:

  • Education:
    • Bachelor’s degree in Technology, Cybersecurity, Information Systems or related field. Relevant security certification (e.g., CISM, CISSP, CRISC or related) is preferred.
  • Experience:
    • 15+ years of experience in cybersecurity, risk management, and technology compliance, with at least 7+ years in a senior leadership role overseeing related functions.
    • Deep knowledge of security compliance and regulatory requirements (e.g., NIST, SOX, ISO, GDPR, and industry-specific standards) and experience leading applicable compliance programs.
    • Proven track record in developing and executing enterprise-wide security GRC strategies, managing complex risk environments, and maintaining compliance with evolving regulations.
    • Experience in security governance, internal controls, and risk management methodologies, with an ability to influence senior leadership and board-level stakeholders.
  • Skills:
    • Strong leadership and interpersonal skills with the ability to influence and collaborate across business functions, including legal, finance, IT, engineering, and operations.
    • Excellent communication skills, with the ability to present complex security issues clearly to senior executives, the board, and regulatory bodies.

-------------------------------------------

The base salary range for this role is $212,361 to $275,639.

The salary range information provided reflects the anticipated base salary range for this position based on current national data. Minimums and maximums may vary based on location. Individual salary will be commensurate with skills, experience, certifications or licenses and other relevant factors. In addition, this role will be eligible to participate in either the annual performance bonus or commission program, determined by the nature of the position.

At Blue Yonder, we care about the wellbeing of our employees and those most important to them. This is reflected in our robust benefits package and options, which include:

  • Comprehensive Medical, Dental and Vision
  • 401K with Matching
  • Flexible Time Off
  • Corporate Fitness Program
  • A variety of voluntary benefits such as Legal Plans, Accident and Hospital Indemnity, Pet Insurance and much more

At Blue Yonder, we are committed to a workplace that genuinely fosters inclusion and belonging in which everyone can share their unique voices and talents in a safe space. We continue to be guided by our core values and are proud of our diverse culture as an equal opportunity employer. We understand that your career search may look different than others, and embrace the professional, personal, educational, and volunteer opportunities through which people gain experience.

Our Values


If you want to know the heart of a company, take a look at their values. Ours unite us. They are what drive our success – and the success of our customers. Does your heart beat like ours? Find out here: Core Values

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.


Tags: Audits CCPA CISM CISSP Compliance CRISC Finance GDPR Governance ISO 27001 NIST Risk assessment Risk management Security strategy SOC SOC 2 SOX Strategy

Perks/benefits: Career development Equity / stock options Flex vacation Health care Insurance Salary bonus Transparency

Region: North America
Country: United States
