Director of Governance Risk and Compliance (GRC) Services

PURPOSE

The Director of Governance Risk and Compliance (GRC) Services role is responsible for growing and leading a team of cybersecurity consultants who continually and strategically improve cybersecurity maturity of Ascend’s clients across diverse industries and technologies. This role oversees the development, execution, and innovation of vCISO and Security Awareness services to ensure effective GRC consulting, cybersecurity framework alignment, risk assessments, and security awareness and phishing simulation programs. The Director demonstrates the effectiveness of the team through key performance indicators (KPIs), team development and retention, and client satisfaction.

RESPONSIBILITIES

• Provide hands on leadership and development of a team of vCISOs, GRC Consultants, and Security Awareness Consultants, providing ongoing coaching, mentorship, professional development, and performance feedback to foster a high-performing team
• Track and report on key performance indicators (KPIs), contractual requirements, client satisfaction, and team member satisfaction to measure the effectiveness of GRC consulting services
• Continually develop and enhance vCISO, Security Awareness, and Security Risk Assessment service delivery strategies to ensure alignment with evolving cybersecurity standards, regulations, and emerging threats
• Lead initiatives to improve service effectiveness through SOP development on service delivery, service onboarding/offboarding, quality assurance initiatives, and tool/process migrations, integrations, and automation
• Serve as an escalation point to internal teams and clients on issue scoping and resolutions
• Collaborate with key stakeholders to support GRC service marketing and sales enablement, including pre-sales scoping Provide direct vCISO consulting services for select, strategic clients to develop and execute cybersecurity strategies
• Maintain, develop, and document service runbooks for consistent, high-quality risk consulting services ensuring regular updates to reflect industry best practices and latest standards
• Other duties as assigned

MINIMUM SKILLS AND EXPERIENCE

• One or more of the following certifications: CISSP, CISA, CISM, or equivalent.
• At least 7 years’ experience working as a CISO/vCISO.
• At least 7 years’ experience preparing for compliance audits including one or more of the following SOC2, CMMC, FDIC, HITRUST, PCI DSS, etc.
• At least 7 years’ experience in conducting assessments and risk remediation strategies that align with industry best practices such as NIST CSF, CIS Controls, NIST 800-171, ISO/IEC 27000 series, HIPAA Security Role, etc.
• At least 3 years’ experience consulting for cybersecurity services for an MSP/MSSP.
• Proven ability to make informed decisions with limited information, adapt to changing. circumstances, and drive successful project outcomes through strategic thinking and proactive execution.
• Consistently delivered results by leveraging critical thinking, creativity, and collaboration to overcome obstacles and achieve organizational goals.
• Demonstrable track record of accomplishment and success.
• Excellent problem solving, communication and team building skills.
• Excellent verbal and written communication skills.
• Excellent interpersonal and customer service skills.
• Excellent organizational skills and attention to detail.
• Excellent time management skills with a proven ability to meet deadlines.
• Strong analytical and problem-solving skills.
• Ability to function well in a high-paced and at times stressful environment.
• Strong and proven leadership skills and experience.
• Ability to shift gears and tackle high priority issues.

PREFERRED SKILLS, EDUCATION OR EXPERIENCE

• Bachelor’s degree in Cybersecurity or IT related field.
• Experience in maturing cybersecurity programs for HIPAA regulated entities.
• Ensuring continuity of cybersecurity services during mergers and acquisitions.

At Ascend Technologies we firmly believe that diversity, equity, and inclusion are not only fundamental values but also powerful drivers of innovation, growth, and success. We are committed to fostering an environment where every individual feels valued, respected, and empowered.

CORE VALUES
We are seeking highly motivated individuals who have the willingness and ability to demonstrate Ascend core values:

• Committed to Client Success: Our actions and our words always align with the best interest of the client.

• One Team: We work collaboratively to overcome challenges with humility and respect and do what it takes to find innovative solutions.

• Integrity: We are unquestionably committed to doing the right thing even when it is hard.

• Accountability: We hold ourselves and each other accountable for keeping our commitments to our clients, our communities, and one another.

• Transparency: We create open lines of communication with each other and our clients, fostering relationships founded on candor and trust.

Compensation Expectations starting at $150,000-$170,000

The salary for this position is commensurate with experience, skills, and qualifications. The range is intended to reflect our commitment to attracting top talent, and the final offer will be based on factors including, but not limited to, the candidate's previous experience, expertise in the field, relevant certifications, and the specific requirements of the role. In addition, internal equity, market trends, and geographic location may also influence the final salary.


Along with a competitive salary, we offer a comprehensive benefits package, including health, dental, and vision insurance, retirement savings options, flexible time off (FTO), and professional development opportunities. We are open to discussing compensation and benefits further during the interview process to ensure alignment with the candidate’s expectations and experience.

PHYSICAL DEMANDS:
Must be able to sit, stand, and bend for the duration of shift. The position is mainly sitting, with occasional lifting up to 50 lbs, such as laptop, server equipment, and, driving to the work site to meet with client(s).