Director - Governance, Risk and Compliance
$185,000–$220,000 per year
Hybrid · London, England, United Kingdom or New York City, New York, United States
Job Summary
Lead a global Governance, Risk, and Compliance program within FactSet's Information Security team. Drive cyber risk management, third-party risk, and customer trust initiatives; develop and maintain policies and standards aligned with SOX, SOC2, ISO 27001, and DORA; manage the Security GRC platform for visibility and remediation; coordinate audits with internal and external teams; monitor KRIs/KPIs and produce executive reports for senior management. Collaborate with Legal, Procurement, Technology, Compliance, Product, and Engineering to embed security policies into business processes; foster a cyber-aware culture through training and a Security Culture Framework; provide leadership, mentoring, and development for the GRC team. Bachelor’s degree required with Master’s preferred; 15+ years in information security with governance, risk and compliance focus; strong leadership and communication skills; US work authorization without sponsorship.
Required Qualifications
- Bachelor’s degree in Information Technology, Computer Science, or a related field
- 15+ years of experience in information security focusing on governance, risk and compliance domains
- Strong knowledge of IT risk assessment and IT General Controls
- Familiarity with NIST and other compliance frameworks
- Hands-on experience with third-party risk management programs
- Experience deploying and managing GRC and automation platforms
- Professional certifications such as CISA or CISSP strongly preferred