
Cybersecurity GRC Program Manager

Lighthouse Technology Services, Buffalo, NY, United States


Lighthouse Technology Services is partnering with our client to fill their Cybersecurity GRC Program Manager position! This is a 6+ month contract opportunity and will be hybrid onsite in Buffalo, NY. This role will be a W2 employee of Lighthouse Technology Services.

Position Overview:
Lead and deliver key United States cybersecurity regulatory governance and reporting obligations
Ensure compliance with applicable cybersecurity regulations and effective cyber risk management
Own end-to-end execution of time-bound regulatory programs and submissions
Produce regulator-ready and Board-ready artifacts
Maintain repeatable, auditable governance and reporting processes
Provide oversight and challenge of cybersecurity risk profile, metrics, and control effectiveness
Drive remediation follow-up for non-compliance or risk appetite breaches
Partner with cybersecurity, technology, risk, compliance, and control teams (including non-US stakeholders)
Support the Americas Cybersecurity GRC Lead and US CISO in regulatory governance activities

Key Responsibilities

Lead delivery of mandatory U.S. cybersecurity regulatory programs and submissions, ensuring planning, execution, and submission readiness
Coordinate and produce annual Board-level reporting under GLBA, ensuring consistency and quality
Support regulatory exams and engagements by coordinating responses and gathering evidence
Develop and maintain auditable processes, including templates, procedures, and evidence repositories
Produce clear, concise reporting for senior leadership, Board of Directors, and regulators
Analyze cybersecurity risk and control metrics (KPI/KRI/KCI) and identify data discrepancies
Drive root-cause analysis and track remediation actions through to closure
Prepare governance materials for recurring regulatory forums, including meeting packs and action tracking
Support NYDFS cybersecurity attestation processes and leadership briefings
Oversee remediation of cybersecurity control gaps and track progress with control owners
Provide governance oversight for cyber service sustainability and escalate risks where needed
Represent U.S. cybersecurity in governance forums and drive issue resolution
Coordinate cross-functional stakeholders to meet fixed regulatory deadlines
Respond to ad hoc regulatory requests with timely, accurate deliverables

Required Skills & Experience

Strong understanding of cybersecurity domains (Security Operations, engineering, controls, tooling)
Deep knowledge of IT governance, risk management, and compliance (GRC)
Proven experience supporting cybersecurity regulatory compliance and examinations
Demonstrated program management experience with end-to-end ownership of regulatory deliverables
Ability to build repeatable, auditable operating models and documentation
Experience analyzing risk and control metrics and driving remediation outcomes
Strong stakeholder management across cross-functional and global teams
Excellent written and verbal communication skills for executive and regulatory audiences
Ability to translate technical concepts into clear, business-friendly messaging
Strong prioritization and ability to manage competing deadlines
Proficiency in Microsoft Office tools (Excel, PowerPoint, Word, SharePoint, Power BI, Teams) and collaboration tools (e.g., Confluence)
High attention to detail with a continuous improvement mindset

Qualifications

Bachelor's degree in IT, Risk, or related discipline (or equivalent experience)
Industry certifications preferred (e.g., CISSP, CISA, CISM)
Strong program management experience in regulatory or compliance-driven environments
Experience with U.S. financial services regulatory bodies (e.g., OCC, FRB) preferred
Knowledge of U.S. cybersecurity and financial regulatory requirements required
Advanced Excel skills and ability to analyze large datasets
Understanding of banking and cybersecurity industry trends
Strong communication skills with ability to engage technical and non-technical stakeholders

Success Profile

Ability to lead through influence in a highly regulated, matrixed environment
Strong ownership mindset for delivering high-quality, deadline-driven regulatory outputs
Analytical thinker who challenges data and drives accountability
Highly organized with strong process discipline and documentation skills
Responsive and adaptable to evolving regulatory demands

Pay Range:

$70-$80/hr

Questions about any of our jobs? Email us at recruiting@lhtservices.com

View all of our open jobs here: jobs.lhtservices.com