Manager, Cybersecurity Governance Risk & Compliance

Jobgether·Lever
United States · Full-time · $118k–$168k · Posted Jul 3, 2026

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Manager, Cybersecurity Governance Risk & Compliance based in the United States.

This is a senior leadership role focused on strengthening and scaling an enterprise Third-Party Risk Management (TPRM) and cybersecurity governance function within a fast-paced, healthcare technology environment. You will lead a team responsible for vendor risk assessments, contract security reviews, continuous monitoring, and executive risk reporting. The role combines people leadership with hands-on risk oversight, requiring the ability to guide complex cybersecurity decisions while ensuring consistency, quality, and alignment with enterprise risk tolerance. You will partner closely with cross-functional stakeholders across legal, procurement, privacy, compliance, and technology to ensure third-party risks are properly identified and managed. In addition to operational leadership, you will play a key role in shaping governance frameworks, improving processes, and driving automation across the program. This is a high-visibility position where your work directly influences organizational resilience, regulatory readiness, and strategic vendor decision-making.

Accountabilities:

    • Lead and develop a Third-Party Risk Management (TPRM) team, including coaching, performance management, hiring, and capability building.
    • Oversee daily TPRM operations including vendor risk assessments, contract security reviews, continuous monitoring, and remediation tracking.
    • Review and approve high-risk vendor assessments, risk ratings, exception requests, and mitigation plans to ensure alignment with enterprise risk standards.
    • Serve as escalation point for complex cybersecurity and vendor risk decisions, providing structured recommendations to leadership.
    • Ensure consistent application of risk methodologies, governance frameworks, and documentation standards across all assessments.
    • Partner with business, legal, procurement, compliance, privacy, and IT teams to manage third-party risk throughout the vendor lifecycle.
    • Drive development and continuous improvement of cybersecurity policies, standards, and governance processes.
    • Lead audit readiness activities and support regulatory and internal audit requests with complete, defensible documentation.
    • Own executive reporting for the TPRM program, including dashboards, KPIs, KRIs, and portfolio risk insights.
    • Lead strategic initiatives to improve automation, operational efficiency, and maturity of the cybersecurity governance program.
    • Integrate AI governance considerations into third-party risk practices in collaboration with legal, privacy, and compliance teams.

Requirements:

    • Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or related field, or equivalent experience.
    • 8+ years of experience in cybersecurity, governance, risk management, compliance, or third-party risk management.
    • 2–3+ years of people management or team leadership experience.
    • Strong background in enterprise TPRM, cybersecurity governance, or GRC program leadership.
    • Deep understanding of risk assessment methodologies, cybersecurity controls, and vendor risk frameworks.
    • Experience developing policies, governance models, and executive-level reporting (KPIs, KRIs, dashboards).
    • Strong stakeholder management skills with the ability to influence executive and cross-functional decisions.
    • Excellent communication skills, with the ability to translate technical risk into business impact.
    • Experience supporting audits, regulatory requirements, and risk compliance initiatives.
    • Preferred certifications: CISSP, CISM, CRISC, CISA, CCSP, or CCSK.
    • Preferred: experience with AI governance, TPRM platforms, and cybersecurity frameworks such as NIST, ISO 27001, SOC 2, or HITRUST.

Benefits:

    • Competitive salary range: $118,000 – $167,700 (based on experience)
    • 100% remote work with flexibility across the United States
    • Comprehensive medical, dental, and vision insurance
    • Retirement savings plan and financial wellbeing programs
    • Paid time off, holidays, and flexible work arrangements
    • Professional development support, including certifications and tuition reimbursement
    • Employee wellness, mental health, and assistance programs
    • Opportunity to lead and mature a high-impact enterprise cybersecurity program
    • Exposure to AI governance, advanced risk frameworks, and enterprise security strategy
    • Inclusive, people-first culture focused on collaboration, growth, and innovation

How Jobgether works: We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team. We appreciate your interest and wish you the best!

Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.
