Sr. Manager, Governance, Risk, and Compliance
About the role
Role Description and Mission
The Senior Manager, Governance, Risk, and Compliance (GRC) is a strategic leadership position accountable for the architectural integrity of the organization's cybersecurity policies, risk governance frameworks, and contractual compliance standards. Reporting directly to the Chief Information Security Officer (CISO), this role oversees the end-to-end audit lifecycle, external security certifications, and client trust assessments across the enterprise B2B2C platform. The Senior Manager partners across Security, Engineering, and Legal to engineer security exhibits, manage the third-party vendor risk ecosystem, and drive the modernization of GRC operations through automated compliance tooling and generative AI applications. This position ensures that the organization’s security and privacy controls scale alongside evolving regulatory environments while maintaining the rigorous security posture expected by major automotive, insurance, and fleet enterprise partners.
Key Outcomes
- Audit Lifecycle & Client Trust Leadership: Command the end-to-end response strategy for annual client security assessments; direct the preparation and multi-day presentation of complex technical evidence to sophisticated enterprise partners.
- External Framework Certification: Own the successful execution, maintenance, and scope validation of core compliance frameworks, including PCI DSS, ISO 27001, SOC 2 Type II, and TISAX.