GRC and Data Privacy Senior Manager jobs in United States

CFGI · 1 day ago

GRC and Data Privacy Senior Manager

CFGI is seeking a Cybersecurity GRC & Data Privacy Subject Matter Expert to lead and deliver strategic advisory engagements that strengthen clients’ security governance, risk management, compliance posture, and privacy programs. This role involves working directly with senior executives to design and implement effective governance and risk management frameworks.

Accounting, Consulting, Financial Services
Work & Life Balance

Responsibilities

Lead end-to-end GRC and privacy engagements, including scoping, planning, execution, and executive reporting
Design and operationalize cybersecurity governance models (policies, standards, risk appetite, committees, reporting KPIs/KRIs)
Build and mature enterprise risk programs: risk assessments, risk registers, control libraries, and control testing approaches
Develop and implement security policies, standards, and procedures aligned to common frameworks (e.g., NIST CSF, ISO 27001/27002, CIS, SOC 2)
Support regulatory readiness and compliance initiatives (e.g., SEC cyber disclosure support, NYDFS 500, GDPR/UK GDPR, CCPA/CPRA, HIPAA, PCI DSS, SOX ITGC alignment where applicable)
Stand up or enhance privacy programs: data mapping/inventories, DPIAs/PIAs, DSAR processes, retention, consent management, third-party privacy risk, and privacy by design
Perform vendor/third-party risk assessments and implement scalable TPRM operating models
Coordinate cross-functional stakeholders (Legal, IT, Security, Compliance, Product, HR) to drive outcomes and adoption
Translate complex technical, regulatory, and privacy requirements into business-oriented recommendations
Deliver executive-ready artifacts: board/audit committee materials, roadmaps, operating models, heatmaps, and risk dashboards
Serve as a trusted advisor to senior leadership; confidently present findings and influence decisions
Contribute to go-to-market development: offerings, templates, accelerators, methodologies, and points of view
Support business development through proposal writing, SOW development, client presentations, and solution shaping
Mentor and develop consultants and managers; lead teams across multiple engagements while maintaining quality and delivery rigor
Partner with other CFGI service lines (Accounting Advisory, CFO Advisory, Technology Enablement) to deliver integrated solutions

Qualification

Cybersecurity GRC, Privacy Program Management, Regulatory Compliance, Risk Management, NIST CSF, ISO 27001, CIS Controls, GDPR, CISA Certification, Executive Communication, Client Advisory, Proposal Writing, Team Leadership

Required

Eight plus years of relevant experience in cybersecurity GRC, privacy, risk management, compliance, or consulting (level will map to experience)
A Bachelor's degree in a relevant field
Demonstrated expertise implementing and operationalizing cybersecurity frameworks and control programs: NIST CSF / NIST 800-53 (nice-to-have), ISO 27001/27002, SOC 2, CIS Controls
Strong privacy fundamentals and experience with privacy program build-out and operations: GDPR/UK GDPR, CCPA/CPRA; experience with HIPAA/GLBA or other sectoral privacy standards is a plus
Experience performing or leading: enterprise/security risk assessments, control design/testing, policy and standards development, TPRM programs, compliance/regulatory readiness programs
Exceptional written and verbal communication skills with a track record of producing executive-level deliverables
Proven ability to lead teams, manage timelines/budgets, and deliver in a client-facing environment

Preferred

Certifications: CISM, CISSP, CRISC, CISA, ISO 27001 Lead Implementer/Lead Auditor, CIPM/CIPP (E/US), CDPSE
PE/portfolio company experience: rapid maturity uplift, integration, carve-out/stand-up, and pragmatic road mapping
Exposure to incident readiness, tabletop exercises, and crisis communications coordination with Legal/Comms
Experience supporting audits and assurance activities (SOC 2 readiness, ISO certification readiness, internal audit coordination)

Benefits

Competitive compensation
Benefits
Career growth trajectory

Company

CFGI

CFGI is a corporate finance and financial consulting firm that specializes in complex accounting, reporting, tax, and compliance issues.

Funding

Current Stage: Late Stage
Total Funding: unknown
Key Investors: The Carlyle Group
2021-09-15: Acquired
2018-03-01: Private Equity

Leadership Team

Nicholas J. Nardone
Co-CEO
Steven M Michienzi
Chief Financial Officer
Company data provided by crunchbase