Director, Cybersecurity GRC
On-site · Lewisville, Texas, United States
Job Summary
Director, Cybersecurity GRC is a senior leadership role responsible for defining and maturing the enterprise cybersecurity governance, risk, and compliance program. The role provides strategic direction for cybersecurity risk management, regulatory compliance, and internal control assurance, partnering with executive leadership, Internal Audit, Legal, and Privacy to ensure risks are identified, measured, and communicated in alignment with risk appetite and regulatory obligations. Key responsibilities include defining the GRC strategy and maturity model, establishing governance structures and standards, leading risk assessments and remediation oversight, developing and enforcing policies and control frameworks, ensuring audit readiness and evidence management, and delivering regular risk and compliance reporting to governance bodies. The position also involves overseeing the selection and optimization of GRC tools, leading a high-performing team, and coordinating across Technology, Legal, Privacy, Internal Audit, and business units to integrate risk considerations into strategic initiatives.
Required Qualifications
- Bachelor’s degree in Cybersecurity, Information Security, Computer Science, Risk Management, or a related field
- Advanced degree and/or professional certifications strongly preferred, including CISA, CISM, CISSP, CRISC, GRCP, or equivalent
- 8–12 years of progressive experience in cybersecurity risk management, compliance, audit, or GRC functions
- Minimum of 5 years in a senior leadership role with responsibility for enterprise-level programs and people leadership
- Deep expertise in cybersecurity governance frameworks, regulatory requirements, and control environments
- Demonstrated experience building or transforming cybersecurity GRC programs within complex, multi-site or regulated environments
- Proven ability to engage effectively with executive leadership, auditors, and regulators
- Hands-on experience with enterprise GRC platforms such as ServiceNow GRC, LogicGate, Drata, or similar solutions