Senior Cybersecurity Governance, Risk and Compliance (GRC) Associate

About The Position

Requirements

• Bachelor’s degree or equivalent experience; relevant certifications preferred (e.g., CBCP, MBCP, MBCI, FBCI)
• 3-6+ years’ experience in cybersecurity GRC and/or BC/DR roles, ideally within financial services.
• Strong analytical and critical thinking skills and the ability to organize work in a logical, thorough, and succinct manner.
• Highly self-motivated, results-orientated, and self-directed to handle multiple ongoing tasks.
• Flexibility to adapt to changing assignments and ability to effectively prioritize.
• Effective written and verbal English communication at all levels.
• Demonstrated ability to operate and innovate in a small team with a fast‐paced environment, balancing both strategic and tactical needs.
• Must be 18 years of age or older.
• Must have unrestricted work authorization to work in the United States.
• For U.S. employment opportunities, Corient hires U.S. citizens or permanent residents.
• Must be willing to execute Corient’s Employee Agreement or Confidentiality and Non-Disclosure Agreement, which require, among other things, post-employment obligations relating to non-solicitation, confidentiality, and non-disclosure.

Responsibilities

• Maintain and enhance the Information Security Policy Framework, ensuring alignment with regulatory requirements and industry standards (e.g., NIST, ISO, CIS).
• Collaborate with stakeholders to ensure policies are understood, adopted, and enforced across the organization.
• Implement and operationalize GRC platform; create and maintain automated workflows, associated processes, and related documentation.
• Maintain the enterprise Information Security Risk Register and perform periodic and ad hoc risk assessments.
• Monitor and report on meaningful metrics and reporting, including Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs).
• Support risk treatment planning and execution, ensuring alignment with the organization’s risk appetite.
• Perform third party risk assessments and ongoing oversight activities.
• Facilitate security compliance framework assessments, control narrative creation, and evidence collection.
• Conduct control testing, identify deficiencies, and drive remediation efforts.
• Support the development and ongoing maintenance of an integrated control framework to assess and monitor compliance.
• Promote a security-first mindset across the organization.
• Contribute to the development and delivery of security awareness programs.

Benefits

• 401(k) Plan with Employer Matching
• Four Medical Plan options that is generously subsidized by Corient
• Employer paid Dental, Vision & Life and AD&D Insurance
• Employer paid Short-term & Long-term Disability
• Paid Maternity & Parental Leave
• Flexible Spending Accounts & Health Savings Accounts
• Dependent Care FSA
• Commuter & Transit FSA
• Corporate Discount Program - Perkspot
• Training Reimbursement
• Paid Professional Designations
• Giving back to the community - Volunteer days